Google blocking all bit.ly links as malicious [now fixed]

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

Hopefully this is a false alarm.

Bit.ly blocked

It seems bit.ly has made its way onto Google’s list of sites that aren’t safe to browse to.

Let’s hope it gets fixed soon, because boy oh boy it’s going to be inconvenient.

Sign up to our free newsletter.
Security news, advice, and tips.

At the time of writing there is no mention of the issue on the bit.ly blog or its Twitter account.

Of course – and this may be utterly unrelated – bit.ly did suffer a user credential hack earlier this year.

Until more is known, it’s possibly best to avoid links used by the URL-shortening service right now. Fingers crossed that there hasn’t been a security breach at bit.ly, and Google has goofed up.

Update:

It appears the issue has now been resolved.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

4 comments on “Google blocking all bit.ly links as malicious [now fixed]”

  1. Alan

    Tis a pain Graham, we rely heavily on Bit.ly as up to now it has been a great service to use but will be very off putting to our customer base if they think our website has a malicious intent…

    Has anything surfaced from Bit.ly HQ yet?

    Cheers

    Al

  2. Graham, the folks in the goo.gl URL shortener forum are reporting that Google is also marking goo.gl short URLs generated on the Feedburner site as malicious.

    Reference: https://groups.google.com/forum/#!topic/google-url-shortener/BwQvwR3e2ms

    I posted a comment there lamenting the fact that Google is encouraging all sites to use https, but their own goo.gl shortener still uses http. Perhaps bit.ly should consider doing the same, if they haven't already. It helps to assure that the short URL actually came from there.

    Thanks for accepting my contact request on LinkedIn.

    Keith

  3. LUFOS

    It got my followers and me shocked!
    But i think they fixed the problem now.

  4. Andy

    I wonder if this has to do with the sms crypoware that's attacking android via a bit.ly link?

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.