Category: Articles
Chasing Pirates.
As part of my early experiments with “vibe-coded” apps, I built a link-shortening service in 2022. It’s still online. At its peak it quietly grew to around 2-4k users per month, generating more than 100k clicks monthly. Maintenance was almost zero - apart from one thing: taking down malicious links.
Tags: Thought.
If you’re not familiar with the problem, link shorteners are a convenient tool for bad actors. A shortened link hides the real destination, which helps attackers bypass many “super secure” corporate protections.
After a while I started thinking about shutting the service down. It’s free, it generates no profit, and although it runs on free cloud tiers, I wasn’t particularly excited about spending my time chasing down bad links.
Then I realised something.
What I had accidentally built was a perfect observation point into how cyber-criminals operate.
A real Pandora’s box.
Equipped with Kali Linux, I started analysing the links passing through the service.
What a gold mine.
Phishing kits, credential harvesters, fake login pages, malware loaders, redirect chains — all of it. And what struck me most was how dynamic the ecosystem is. This is a fast-moving industry with trends, new tricks, and new tools appearing almost every week.
Two observations
First: don’t blindly trust links.
No corporate security team, no antivirus, and no “advanced protection system” can fully protect you
from a well-crafted attack.
Second: your operating system matters.
If you have a choice, use macOS or Linux. Windows remains the primary target for most malware campaigns
simply because of its dominance in corporate environments.
In cybersecurity terms, that makes Windows users… the main hunting ground.
Michal
