In association with heise online

16 June 2009, 14:26

Cligs short URL service hacked

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Cligs, the fourth most popular URL shortening service for the popular Twitter microblogging service, has been hacked. According to Graham Cluely of UK based security company Sophos, Cligs was hacked on Sunday to redirect approximately 2.2 million links to a story on Twitter hashtags by blogger Kevin Sablan from the Orange County Register. The hole exploited by the attacker has since been identified and closed.

Cligs is currently in the process of restoring the URLs back to their original destination sites from an early May backup. Some short URLs created since then, however, may be lost. According to the Cligs blog post, judging by its IP address the attack appears to have originated in Canada.

Other short URL services like Cligs, such as TinyURL and, also mask the true target of shortened URLs. This means that users don't know if they're clicking on a trustworthy link, or on a link that may send them to a malware site. A Firefox plug-in is available that shows the true target of shortened URLs in the preview.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit