14 DAY TRIAL // Security researchers claim that, as far as the number of malicious URLs is concerned, Twitter is pretty safe, which is a great improvement over how things were a year ago.
This is a conclusion of a study performed by security vendor Zscaler, which used its cloud-based services to scan a number of 1.5 million URLs posted in public tweets during the past three months.
The company scanned for phishing sites, malware distribution pages, drive-by downloads attacks, but not spam.
Another thing to stress is that the analysis did not cover links in direct messages (DM), where things might be different, since there have been some DM worms observed on Twitter this year.
First, the company breaks down the URLs by domain. Bit.ly is obviously the winner, accounting for 33% of all URLs. Twitpic.com comes next with 5%, while the third spot is taken by tl.gd with 4%.
Bit.ly is also in first position, as far as malicious link distribution goes, with 41% of the overall number. It is followed by twitthis.com, with 13%, and tinyurl.com, with 11%.
Twitthis.com's position is somewhat unexpected, because the service is not even in the top ten for URL usage on Twitter.
Zscaler points out that its high percentage of malicious links is mostly caused by compromised WordPress installations.
The good news is that the overall rate of malicious URLs on Twitter is a mere 0.07%. That's 1,149 out of 1,587,824 scanned URLs, which is pretty much negligible.
That's very comforting, especially considering that a year ago, security companies expressed great concern about the number of malicious links posted on Twitter.
At the time, both Kaspersky and Trend Micro built crawlers to scan URLs in the public Twitter timeline. The results suggested that the problem was slowly, but surely, getting worse.
It seems that either malware pushers are not viewing Twitter as an attractive target anymore and prefer black hat SEO, spoofed emails and other methods to spread their creations, or the site has gotten much better at filtering URLs.
"This shows once again that the number of malicious links in public tweets is very low," says Julien Sobrier, senior security researcher at Zscaler.
"Users should pay more attention to direct messages (private tweets), but overall they should feel safe using Twitter," he concludes.