Buff.ly

Buff.ly is a service that allows users to conveniently shorten URLs and Web addresses that would otherwise be far too unwieldy in terms of length. Unfortunately, this service is often used as part of the activities of browser hijackers or other PUPs (Potentially Unwanted Programs) to hide the real destinations of the redirects they cause. As a result, many users could mistakenly identify buff.ly as an unsafe implant or a virus.

Browser hijackers are seldomly installed intentionally. These annoying applications hide themselves inside software bundles and fake installers and try to get installed on the system without attracting the user's attention. However, once activated, all pretenses of stealthiness are left behind, as the PUP takes control over important browser settings. In most cases, users will notice that their browser's homepage, new tab page, and default search engine have been set to now open an unfamiliar page promoted by the PUP.

These invasive applications also are notorious for being equipped with data-collection capabilities. While on the device, they can spy on the user's browsing activities, extract numerous device details, or try to access information saved as autofill data in the browsers. Autofill data is commonly used to populate log-in credentials and other sensitive details, such as personal information, payment data, credit/debit card numbers, etc.