The Major Security Issues with Shortening URLs

Shortened URLs can pose several major security risks if the user isn’t weary of them nor know how to spot a contaminated link. How do these pose a risk to unsuspecting users? First, they don’t offer any description of the link you’re going to. Usually, URLs contain the main website and perhaps the article or sub-page you’re being directed to go to. This can be easy for phishing and malware sites to be entered unexpectedly. Cases of this has emerged, such as when researchers found that shortened URLs that redirected a user to websites such as Facebook and Twitter infected computers with malware and sent users to a phishing site; a site that mimics the look of another but is solely used to steal one’s information. In 2014, a shortened goo.gl URL was sent out by mass via email as a “ACH” notification and just redirected people to a site that automatically downloads a malware infected file. Albeit, this isn’t directly short URLs fault, this is malware and spyware, but short URLs are being taken advantage of to send users to sites which contain contaminated files.

Another security risk could be brute-forcing shortened URLs. Essentially, because there is only a limited amount of combinations for short URLs, one with an extremely powerful set of computers with top range CPUs could create a piece of code that could search all the combinations of possible shortened URLs, revealing private files and information kept on cloud platforms, services such as OneDrive, a cloud based file uploaded, uses shortened URLs with only six characters. One could easy use all the combinations with powerful CPUs, download the files and then shift through them looking for private information.

There is low risk if the security of the shortened URL service can detect this and block overloading of the server from one internet connection. If you want a shortened URL with great security and no fuss, use toroox.

Top 3 Security Issues in the Mobile Gaming Industry

1. Hacking and Credential Theft

In a rush to get apps on the play store, mobile game developers often have limited time to prepare security. This can result in some games being easy targets for hackers looking to capitalize on the lack of security by stealing accounts, as account theft can be very profitable. The Irdeto cybersecurity team actually done an investigation into this recently and found that for just one game title they could buy over 50 stolen accounts, with prices ranging for $5 to a staggering $15,000 depending on what was available in the stolen account.

This has big consequences for the actual app developers as well, as some studies have shown that some mobile game developers have lost over 50% of their potential revenue due to his kind of hacking.

2. Data Leakage

Data leakage is largely seen as one of the most troubling threats to mobile security in 2020. According to Ponemon, companies in the mobile app industry currently have a 28% chance of experiencing a data breach incident in the next two years, on average. Granted the issue is more worrying for apps that hold lots of personal information like social media apps, however nowadays even mobile games may request a lot of personal information from its users. As a result, ensuring hackers can’t steal data from users is one of the biggest priorities for all mobile app develops, including game developers.

3. Hacking Redemption Codes

Redemption codes in the mobile gaming industry are essentially the same thing as coupon codes you’d use at clothing shops like Levi’s. As such, almost every game has them, just like in the real world. For example, there are redemption codes for the game AFK Arena over at afk.guide but if that’s not your cup of tea simply google the name of any game followed by “redemption code”.

However, the fact that most games have these redemption codes means that there is a black market for people trading them, and consequently hackers will steal redemption codes to use them as barter on such markets. When redemption codes are used after being stolen, hackers/buyers essentially get the item for free, and so the game doesn’t make profit. This will result in the game being seen as less successful than it otherwise would have in regard to profit, which is bad for developers.