CIRCL announces the release of the source code of its latest software URL Abuse, which is being developed as part of the “European Union anti-Phishing Initiative” (EU PI) project. This project is coordinated by Cert-Lexsi and co-funded by the Prevention of and Fight against Crime programme of the European Union.
URLs are often used as a point of access for attackers, who create malicious links that redirect to a phishing or malicious website. Many e-commerce sites encounter this issue and the legitimacy of the URL is often not questioned by the users. To react to this ongoing malicious trend and to provide users with a preliminary check before clicking or submitting a link to a security organisation, CIRCL has launched URL Abuse in January this year in order to review the security of an URL.
“Whenever you enter a link into URL Abuse, the results could range from a potential to strong evidence that the submission is a malicious link. We also call to all the companies that blacklist URLs or have any useful information to contact us in order to contribute to the tool. The objective of sharing URL Abuse source code is to help other organizations to tackle security issues like phishing or even more advanced spear-phishing. In addition, it’s also a healthy opportunity to get contributions back from the community in order to improve URL Abuse over time.”, says Alexandre Dulaunoy from CIRCL.
URL Abuse analyses a number of elements such as: the redirection of the links and the places they are pointing to; the lookup of these links against different security black lists, and the history of DNS records or SSL certificates.
For more information on the European project: http://phishing-initiative.eu/
To read more about URL Abuse: https://www.circl.lu/services/urlabuse/
Source code of URL Abuse (for contributors or partners): https://github.com/CIRCL/url-abuse