Lot of people on Twitter or other social services uses shortcut urls to promote web sites informations.

For this the concept is quiet simple to use:

Example:

We have this orginal link :

http://marc-blanchard.com/blog/index.php/toc/toc

And go to the http://www.bit.ly

The result on the original link is the following:

http://bit.ly/cYdLPl

Other exists kind of such of services with the same concept exists with anonymizer options, or other kind of services, or the same concept like: http://ow.ly

The danger :

a. Lot of malware devs use now this technique :

- To promote compromized web sites

- To do not be detectable on antivirus or antiphishing web filters scan engines

- To do not be detectable on antispam engines, because lot of spams arrives now with such of technique to route you to compromized web sites.

b. You don't know what you get and where you go !

- The main problem is that when you click on such of link, you cannot know what or where you go and what kind of site you click...Just have to trust your contact person that sended you the link.

So you can download malware files, exploited PDF, goes to malicious web sites...You click, you access, you are infected automatically...too late!

Conclusion:

We currently talk a lot on ghostnet or botnet that are maintaining with malwares propagations thru search engine using also the httpp2p (http2p) techniques for their males and females codes (active infections).

The fact to use the underground referencing systems on search engine with this concept means that some fakes infected web sites or exploited areas can be numerous in the next future....

Techniques to follow carefully ;-)