The website of URL shortening service Bitly was down on Wednesday morning.The company has blamed a DDoS attack.
Visitors to the website were greeted with the messages ‘this webpage is not available' and ‘no data received' along with the respective error codes “ERR_TIMED_OUT†and “ERR_EMPTY_RESPONSE". The website was initially not accessible for approximately 20 minutes (between 10.10am and 10.30am GMT).
The service returned shortly afterwards, but the company then posted: "We are currently working to mitigate a DDoS attack. Some services will be unresponsive." The message, seemingly only visible to Bitly account holders, was later amended to say it was a "denial of service attack" and was removed from the website at 11.30am GMT.Â
Bitly claims to shorten more than one billion links per month, and is most often used for social networking, SMS and email. A growing proportion of its users are enterprises and SMBs. Some larger groups even customise their own links via Bitly - The New York Times uses nyti.ms and soft drinks manufacturer Pepsi uses pep.si.
Symantec, which itself uses Bitly links, earlier this month detailed that spammers were targeting Bitly along with users of instant messaging services Snapchat and Kik Messenger. In particular, the spammers were apparently abusing custom Bitly domains as a result of an API configuration problem, which left the API key visible.
“Spammers have found a way to create their own links using branded short domains in order to entice users into a false sense of security,†wrote Symantec researcher Satnam Harang at the time.
The anti-virus firm found Bitly links generated using custom domains owned by brands and companies like USA Today, National Geographic, The New York Post and MIT News, among others.
"Bitly has confirmed that some spammers obtained Bitly API keys belonging to various brands," Narang wrote.
SCMagazineUK.com has contacted Bitly, which was formed in 2008, for comments on this breaking story and is awaiting the company's response.
