Spammers Using SHY Character to Hide Malicious URLs

View previous topic View next topic Go down

Spammers Using SHY Character to Hide Malicious URLs

Post by Dude111 on 12/10/2010, 10:44

Spammers have jumped on the little-used soft hyphen (or SHY character) to fool URL filtering devices. According to researchers at Symantec Corp., spammers are larding up URLs for sites they promote with the soft hyphen character, which many browsers ignore. [more]

More > http://threatpost.com/en_us/blogs/spammers-using-shy-character-hide-malicious-urls-100710


Im on IE6 and it does not work!! (I tried it with IE6 and MyIE2 and both reject this link)

http://www.l­i­n­k­logger.com

That may look like a regular link,BUT THIER ARE DASHS IN IT.... (Shy characters) When i hover over it,i see the dashs and clicking it results in a 404 error.....

This IS a legit site however > http://www.linklogger.com

Most newer browsers IGNORE THESE CHARACTERS which can be a security risk if they are trying to sneak a bad URL thru and its someone who doesnt know the evilness of the net.. (Your browser wont show the added characters and will allow the bad site anyway)

So far i have seen IE7,Firefox 3.5,3.6 and IE8 fail this...... (All newer browsers)


Does anyone have an earlier copy of FF? (Say 1.5) that can see if it shows the dashs??


Im glad to be on a browser THAT DOESNT HIDE THINGS LIKE THAT!!

Dude111
Member
Member

Posts : 25
Join date : 2010-07-25

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum