Shulou(Shulou.com)11/24 Report--

According to CTOnews.com news on November 1, friends may have used the short URL service, which, as the name implies, is used to "shorten the URL" so that users can share web links, and can also meet the URL length limits of some platforms.

However, because the short URL service hides the real link, it has also become a tool used by hackers. Security company Infoblox released a report yesterday claiming that some hackers used the short URL service to carry out phishing attacks. These hackers colluded with an illegal short URL network provider named Prolific Puma to carry out phishing fraud and pass on malicious programs through various short web addresses.

▲ image source Infoblox researchers pointed out that Prolific Puma is not the only illegal short URL network provider they have found, but so far many hackers have chosen Prolific Puma's platform, and there seems to be "no legal content" on the network provider's platform.

According to a survey by Infoblox, Prolific Puma has registered a large number of domain names to provide short URL services. since April last year, the illegal Internet provider has registered 35000 to 75000 cheap domain names, including .us, .link, .info, .com, .cc, .me and so on.

▲ source InfobloxCTOnews.com found that the original URLs shortened by the Prolific Puma platform are basically phishing and fraudulent websites. Clicking on these short URLs will sometimes jump directly to malicious websites, sometimes they will jump to malicious websites only after multiple redirects, and sometimes they will jump to malicious websites only after multiple redirects, and sometimes they will jump to malicious websites by redirecting short URLs generated by other web vendors, and security company Infoblox believes that The "customers" who use Prolific Puma are very diverse.

▲ source Infoblox in addition, after registering new domain names, Prolific Puma usually leaves them at rest for a while, thus avoiding the detection of major website platform firewalls.

Infoblox has published the name of the domain name used by Prolific Puma on GitHub for external reference. Some domain names transcribed by CTOnews.com are as follows:

Yyds.is

Regz.info

Hygmi.com

Fssu.link

Ixoy.cc

Jrbc.info

Uhje.me

Rpzp.me

Zost.link

Xbsf.link

Wqeh.link

Ymql.link

Styi.info

6fe.us

U8n.us

D6s.us

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.