Welcome to the Computer Security Wiki! You can help us by expanding stubs, create new articles and improve current articles.
You can also help us by logging-in or creating an account!


From Malware Wiki
Jump to: navigation, search

Stubsymbol.png This article is a stub. You can help by editing it.

Notresponsiblesymbol.pngThis page contains either a download link to the malware or is a malicious website that is still active. Malware Wiki shall bare NO responsibility for any damage that you may cause to your machine by running the download or going to the site.

TypeBrowser hijacker, Adware (In the form of ads)
CreatorIan Donovan
Programming LanguageJavaScript, HTML, and CSS
File TypeHyperText Markup Language (.html,.htm)
This box: view  talk  edit

AdF.ly is a URL shortener similar to shorte.st that gives the user money when a link is shortened with it. The site itself isn't malicious, but the advertisements may be.


On the user's PC, it may open pop-ups if the owner of the link chooses so. There are 3 types of ads, pop ads, interstitials, and banners. The interstitials can be avoided if the user simply waits 5 seconds and clicks the "skip ad" button. The banners, being less intrusive (and common), can be avoided by clicking the red X in the top right corner of the screen. Pop ads may be simply closed. The person who made the shortened link sometimes links to scams, like the Brit method. This may also open Play Store links on mobile devices if the link owner chooses so. It also redirects the interstitial page to a random website after a certain amount of time. The push ad page may also create in-page toasts.


AdF.ly, depending on the shortener's decision, requires the user to click "Allow" on 2 notification dialogues The first is a fake dialogue that may sometimes display a dark themed page with a blue circular button with white text "Block" on it or a blank page. The page title may flash between the URL of the page and "## ##" This title was supposed to be "## Allow Notifications ##", but only the # remain. The second one is a real dialogue, which when "Allow" is clicked, the browser may display notifications of varying topics. When these are clicked, they do nothing. If the link owner decides so, they may block access the destination for users with ad blockers. Otherwise, the warning will still appear, but the user may still continue to the destination.