The Latest in IT Security

The Danger of Remote Widgets – Feedcat.net Sold and Now Distributing Malware

29
Jul
2011


Do you like to add all types of “widgets” and cool badges to your site? Be careful which ones do you choose, or your site may get compromised. Be specially careful if the widget vendor sells the technology and doesn’t inform its users. Why, you may ask?

Recently, a popular widget site (feedcat) was sold on flippa. Out of nowhere sites that had their code embedded started getting redirected to random sites, get annoying pop up ads, and distributing malware.

This little piece of code was doing it:

<script src="http://www.feedcat.net/js2/button.js?pub=xx&amp;bmode=b83x16&amp;ilng=en&amp;section=”..

So, if you’re one of the 300k sites using feedcat, remove it now. If you are seeing weird pop ups or ads on your site, check to make sure you don’t have it installed.

If your site is currently redirecting to an Amazon site and getting stuck there you probably have the feedcat code on your site:

http://continue_.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIAIKDZBVZT6ABSN6MA&Expires=1311373754&Signature=60QGS34LES2ymcgNXV2WT1Iq2Zg%3D

You can use our free scanner to see if your site has it: sitecheck.sucuri.net

Let us know if you have any questions.

*update:

Other people are complaining about it too.

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments