Tiny.cc Block & Malware Warning
Essentia
I use tiny.cc nearly every day as part of my job. It's basically a godsend in the world of social media & online community management, and I've never had any issue with it in the several months I've been using it very regularly.
Almost 2 weeks ago, AdBlock (in Chrome) suddenly started blocking tiny.cc entirely. I checked my filter lists ('Acceptable Ads', 'Adblock custom filters', 'EasyList', 'EasyPrivacy', and 'Malware Protection') and they had all just updated within the previous 24 hours. The tiny.cc domain had been working fine just prior, and suddenly I couldn't even get to the websites that my existing tiny URLS linked to when using the short URL for them. The only way I could get to the tiny.cc website or any redirect site via a tiny URL was to manually turn off AdBlock on EACH individual URL - turning it off for the entire domain never worked. Now while checking my lists for updates, I noticed there was a 'notify me when Adblock detects malware' option under 'Malware Protection', which I turned on, at that time. I had Malware Protection on already, but not the notifications. So, then, I started receiving popup malware detection warnings every time I tried to load a tiny URL for which I hadn't yet turned off AdBlock.
Eventually I got around to turning each filter list off, one-by-one, and discovered that I can use tiny.cc just fine as long as I have the 'Malware Protection' list turned off. Of course, I'd rather have it on, generally speaking... I've tried to Google this situation or any issues that may have arisen with tiny.cc recently, and I've not come across anything except one other person posting to the Knowledge Base here, who was unable to load to tiny.cc the day after I discovered my issue. That post did not address anything to do with a malware issue nor did the response address any other known issues with the tiny.cc domain, specifically.
So, since I have my original issue sort of solved, in that I'm able to continue using tiny.cc as long as I have that one list turned off, I'm basically coming to inquire about what may have happened to cause tiny.cc to be filtered for malware in the first place. If there is a known security issue on the site or something, I'd rather be aware of it - but if it was flagged erroneously or over-cautiously for some reason that won't apply to me working with my own created tiny URLs, then I thought it might be something to be looked into and hopefully fixed. I'd like to turn Malware Protection back on AND continue using tiny.cc, if possible. :)
Thank you.
Discussions are closed to public comments.
If you need help with AdBlock please
start a new discussion.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Rhana on Nov 27, 2015 @ 05:01 PM
Hi Essentia,
Wow, this is one of the most thorough and well-researched trouble reports I've ever seen. The extra step you took that led to the malware list was the clue missing from that earlier discussion.
Malwaredomains.com added Tiny.cc to its blocked domain list on November 10 for containing resources used in phishing attempts. Malwaredomains is the recognized authority on malware hosts and author of the Malware Protection filter list.
If you must use Tiny.cc rather than a URL shortener that hasn't been compromised, you'll need to keep the Malware Protection list disabled. Sorry I don't have better news!
Rhana
AdBlock Community Manager
2 Posted by Essentia on Nov 27, 2015 @ 06:42 PM
Hi Rhana,
Thanks for the reply. I actually tried to load malwaredomains.com yesterday to check on this directly, but it appeared to be a broken link or outdated domain. Perhaps I typoed or it was a momentary blip. :)
Soo... I'm trying to determine what to DO with this info, how to proceed. Tiny.cc has been the easiest-to-use URL shortener that allows for updating the directing link, changing the link names, & keeping click-stats that I've found. I would also have to change approximately 100-ish links that are semi-regularly used by thousands of people. So if I can help it... I'd obviously rather not. :) Then again, I don't want to be endangering those users, either...
Do you know if Tiny.cc has been contacted about this situation and are they trying to fix it? And by 'containing resources used in phishing attempts', precisely what does that actually mean for the end-user? If AdBlock is on, so I am not seeing or interacting with ads of any kind on tiny.cc, AND I am only using the website to create & update my own short URLs, how 'in danger' should I be? How much of a threat is this to the average user who is simply using my created short URLs to get to the directing links?
Thanks for any additional info you can give me.
Support Staff 3 Posted by Rhana on Nov 27, 2015 @ 06:48 PM
Hi Essentia,
The best answers to your questions are going to come from the folks at Malwaredomains. Please send your questions to them at [email blocked] (remove the digits from the address; they're an anti-spam measure).
If you wouldn't mind, can you let us know what they say? This could be really helpful information for other users who run into this.
Rhana
AdBlock Community Manager
4 Posted by Essentia on Nov 27, 2015 @ 07:13 PM
The email was removed here, but I found it on their website. Will do! :)
Essentia
Support Staff 5 Posted by Rhana on Nov 29, 2015 @ 09:09 PM
Hi Essentia,
Rats, I was hoping that including the digits in the email address would get it through our support site's anti-spam measures. Guess not. I'm glad you found it elsewhere, though.
Good luck!
Rhana
AdBlock Community Manager
6 Posted by Essentia on Nov 30, 2015 @ 05:37 PM
Hello Rhana (and anyone else watching/awaiting feedback)
I heard back from Malwaredomains this morning. Thankfully, with good news. :)
"Fortunately, you have nothing to worry about. This was a false entry on our part.
More often than we'd hope, URL shorteners are used for malicious intent. Openphish sent us one of these URLs which was used as a phishing page (these pages are used to steal passwords and other info from end users). Since we only block top level domains (TLDs), this caused us to block all of Tiny.cc!
Tiny.cc often flags and removes URLs that have been used for malicious activity (the link that openphish sent us has been taken down by Tiny.cc already). As an end user and for those who use shortened URLs for situations like yours, there is nothing to worry about. The shortened URLs that you currently use are safe.
As of 11/25, we have removed the entry from our blacklist. We also whitelisted this URL, so this should not happen again! If you have any other trouble or questions, please let us know."
I wasn't aware that this had been fixed on the 25th because, by then, I'd had to turn OFF Malware Protection in order to functionally use the website. But, anyway, I have now turned it back on, removed the few tiny.cc URL whitelists I had managed to get to so far, and checked the website & my shortened URLs again, and all seems well! :)
Thanks for your feedback and assistance in getting this resolved.
Essentia
Support Staff 7 Posted by Rhana on Nov 30, 2015 @ 06:03 PM
Hi Essentia,
Yay, terrific! Thanks so much for letting us know, by the way, and for leaving this discussion public so that others can benefit. :)
Rhana
AdBlock Community Manager
Rhana closed this discussion on Nov 30, 2015 @ 06:03 PM.