The change, spotted by the F-Secure blog today, is a good first step in securing the social network against attack. However, a greater vulnerability is the presence of short URLs on Twitter: these can hide the source URL and obscure the malicious sites behind them.
While Twitter does not appear to check these URLs for malware, market leader Bit.ly checks links against the the spam-filtering services SURBL and Google Safe Browsing, and additionally inserts a warning page if a URL is flagged as spam. We've found Bit.ly to be extremely responsive to these issues, clamping down on a rogue URL within minutes of our report. Combined, Twitter and Bit.ly are making it harder - but by no means impossible - to launch effective malware attacks on the service.
Facebook, too, is becoming proficient at stamping out malicious links. In the spring, we reported on a malware scare in Facebook mail on an almost weekly basis: we've received no such reports in recent months.
[via ReadWriteWeb]