Attackers are increasingly using imitation Bitly links to distribute malware and spam, according to Malwarebytes.
In one attack, YouTube and other accounts were observed sharing various fake Bitly links that were said to lead to free video game downloads, but instead put computers at risk of being infected with malware, a Monday post indicates.
The MalwareBytes team observed links – beginning with btly[DOT]pw – directing users to a free file sharing website where they can download and extract a file, which turns out to be a trojan. In one instance, users were instructed to disable antivirus so the file can be installed.
In another fake Bitly link campaign, researchers observed users being directed to a fake BBC website advertising questionable dietary supplements.
Malwarebytes reminds users that Bitly links always begin with bit.ly, and all others should be ignored.