Bit.ly, the popular URL shortening service was hacked in 2014 and reports are now surfacing that millions of the these accounts are available online. This is an absolutely huge deal and will lead to the following problems:
- A total screw-up in how the Internet works in terms of links which are supposed to go to a certain place but will now be redirected to other locations. Let’s say there are 10,000 clicks per year on a Bit.ly link each year. A person can take over the Bit.ly account and redirect this traffic elsewhere.
- A massive spread of malware will take place as hackers can redirect traffic to pages which are filled with malicious programs.
- A lost of trust in web links should take place as it is no longer safe to click on a link from a trusted source. In other words, lets say you follow a Twitter account Awesome-Autos which is trusted. You can no longer assume the links from this account are safe to click on. In other words, there is an implicit assumption that a reputable site won’t knowingly post a malicious link. Now, we have to also be sure the feeds we follow and sites we visit, have actively changed their Bit.ly passwords – assuming this is the service they use. Often-times it isn’t obvious that you will be clicking on a Bit.ly link, making the situation that much more difficult.
Of course this is the case if users haven’t changed their Bit.ly passwords. Hopefully people have but there will always be a number of people who just don’t because they are deceased, don’t know the password, etc.
Even though this hack is old, the fact this information is now in the public domain means anyone can try to take control of these accounts.