When someone posts a link on X, the site generates a link preview. But reportedly, this system can be tricked, and bad actors can redirect you to malicious sites from a falsely advertised link preview.

As noted by security researcher Will Dormann, some posts on X purport to lead to a legitimate website, but actually redirect somewhere else. In Dormann’s example, an advertisement posted by a verified X user claims to lead to forbes.com. When Dormann clicks the link, however, it takes him to a different link to open a Telegram channel that is, “helping individuals earn maximum profit in the crypto market,” he said. In short, the “Forbes” link leads to crypto spam

  • dynamojoe@lemmy.worldEnglish
    15·
    8 months ago

    I need a firefox plugin that blocks Twitter. Not tweets from blue checkmarks, the whole damn site.

    • AtmaJnana@lemmy.worldEnglish
      13·
      8 months ago

      I have Nitter Redirect installed, but Nitter stopped working. So it just blackholes all X links. Some day I’ll add them to my pihole, I guess.

    • 4am@lemm.eeEnglish
      8·
      8 months ago

      PiHole can block any domain you want. AdGuardHome has a handy switch in the UI that does it for you.

    • oce 🐆@jlai.luEnglish
      8·
      7 months ago

      PrivacyBadger blocks embedded tweets, so since you’re probably not going to visit the website itself, it should do the trick.

      • Agrivar@lemmy.worldEnglish
        6·
        7 months ago

        Plus, it has the added benefit of drawing attention to how many “articles” on other sites are just a long string of embedded tweets.