Twitter`s Own Shortlink System Gets Blacklisted, Renders All Twitter Links Inaccessible
Millions of Twitter users were unable to access hyperlinks in tweets on Sunday evening as the social network’s own short-link system got pulled off the DNS zone for over an hour. The incident, which basically affected all accounts, led any click on the tweet hyperlinks to an error page claiming that the resource the user tries to visit was unavailable.
Unlike other social networks, Twitter uses their own link shortening system called t.co to shorten any link pasted by the user in the tweet. This not only minimizes the link`s footprint in the diminutive 140-character micro-post, but also makes detection and blocking malicious URLs much easier straight from Twitter`s infrastructure.
The system was introduced in 2010 and has been working without any significant issues ever since. On Sunday though, it got inadvertently suspended by the domain registrar Melbourne IT LDT. following a phishing complaint.
“Yesterday in the process of actioning a phishing complaint, our policy team inadvertently placed the t.co domain on hold. The error was realized and rectified in approximately 40 minutes and t.co links again began working,” stated Tony Smith, a spokesperson for Melbourne IT in a CNET interview.
In simple terms, someone reported Twitter`s t.co domain as hosting a phishing page to the Melbourne IT registrar and an abuse engineer just pulled it off the DNS zone, making it (and all its links) not resolve in the DNS system. This procedure is known as ClientHold and allows a registrar to temporarily disable the domain`s resolution to an IP address for a variety of reasons such as abusive use or delayed payments. During the time the domain is put on ClientHold, its route is not modified, but it is not public either.
Twitter did not comment on the incident and there appears to be no hard feelings between the client and the registrar, but Sunday`s incident once again outlines the importance of not putting all eggs in a single basket especially when it comes to “real-time” social networking.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021