Twitter malware filter 'disappointing'

By Vivian Yeo, ZDNet Asia
Tuesday, August 04, 2009 07:23 PM

Twitter's new malware filter is a sign the social media site is stepping up efforts to stem attacks, but the measure has its shortcomings, say security experts.

Twitter's filtering mechanism was highlighted by Mikko Hyponen, chief research officer of F-Secure, in a blog post Monday. When a user tries to submit a tweet with a suspect Web link, the following warning appears:

"Oops! Your tweet contained a URL to a known malware site!"

Twitter's latest security measure was a positive one, especially in light of the current threats directed at the site, Hyponen told ZDNet Asia in an e-mail interview. The site, he noted, has been "attacked in many ways" including spam, worms such as Mikeyy, and phishing, he noted.

"None of these problems are at epidemic levels yet, but it's great to see Twitter take real action on this," he said.

Hacking is another challenge the popular microblogging site faces. In May, Twitter confirmed its network was hacked and some individual account information were leaked.

Dancho Danchev, independent security consultant and cyber threats analyst, noted that the site's latest security move was an indication "Twitter is finally moving from reactive to proactive security practices". However, he pointed out in a blog post on ZDNet Asia's sister site ZDNet.com, that the malware filter was "clearly still in development" and showed "disappointing results".

Danchev pointed to how a MySpace phishing page used in a tweet triggered the security filter, but was eventually accepted by adding a "http://" or removing the "www".

He noted that the site also allowed tweets containing links to several known malicious sites listed in Stopbadware's database, which has identified over 380,000 sites identified as unsafe. While it would not prevent the abuse of Twitter in the longer term, the failure to integrate such databases listing known malware was a "missed opportunity", Danchev said.

Twitter did not respond to e-mail queries from ZDNet Asia at press time.

0

0 votes

Save to My Library

Talkback 1 comments

Twitter malware filter 'disappointing'
for me it works fine BitDefender. It filters all the phishing pages. i'm very pleased of it
Posted by Edward Stream on Tuesday, August 04 2009 07:51 PM

Related Whitepapers

Featured Whitepapers

Tech Jobs Now!

TechGuides

Specials
News and Interviews
Whiteboard

UOB banks on economic downturn
Singapore bank's IT chief Susan Hwee explains how financial crisis offers new opportunities to reengineer
Play video
Domino's Pizza keeps customers eating
CEO Don Meij discusses strategy to grow customer base
Play video

Salesforce CEO chatters about new social media platform
Facebook-type app hits the enterprise
Play video
Salesforce demos Service Cloud 2
New Web-based tools for customer service
Play video

Cost Effective, Secure and HA Server Infrastructure for SMBs
Alan Wan from Dell illustrates how small and medium businesses can build a high availability IT infrastructure without requiring heavy investments on skills and resources.
Play video
Enterprise 2.0
Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
Play video