The Danger of Remote Widgets – Feedcat.net Sold and Now Distributing Malware

Do you like to add all types of “widgets” and cool badges to your site? Be careful which ones do you choose, or your site may get compromised. Be specially careful if the widget vendor sells the technology and doesn’t inform its users. Why, you may ask?

Recently, a popular widget site (feedcat) was sold on flippa. Out of nowhere sites that had their code embedded started getting redirected to random sites, get annoying pop up ads, and distributing malware.

This little piece of code was doing it:

<script src="http://www.feedcat.net/js2/button.js?pub=xx&amp;bmode=b83x16&amp;ilng=en&amp;section=”..

So, if you’re one of the 300k sites using feedcat, remove it now. If you are seeing weird pop ups or ads on your site, check to make sure you don’t have it installed.

If your site is currently redirecting to an Amazon site and getting stuck there you probably have the feedcat code on your site:

http://continue_.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIAIKDZBVZT6ABSN6MA&Expires=1311373754&Signature=60QGS34LES2ymcgNXV2WT1Iq2Zg%3D

You can use our free scanner to see if your site has it: sitecheck.sucuri.net

Let us know if you have any questions.

*update:

Other people are complaining about it too.

8 comments
  1. Starting 20.07.2011 Feedcat.net turned the free service into an ad sponsored one.

    A newsletter has been sent to all publishers informing about this changes.

    Please see Terms of Service, point 8: http://feedcat.net/terms

    “By using Feedcat.net and placing the button code on your website, you grant Feedcat.net the right to serve ads (popup ads, interstitial ads, exit ads) on your website. Feedcat.net will serve no more than one ad per unique IP every 14 days.”

    1. you know, you’ve really cost me thousands in losses just in one month with your damn ads and surveys that were being shot at my clients.  what your service did was hijack my website and basically send any NEW visitor to your ad sites and surveys.  you even drop a cookie so that the redirect doesn’t affect returning visitors (but damage has already been done and i’m sure no one would come back after having that first experience).   You guys suck!

    2. LOL Feedcat = deadCat.  Take your crappy spammy services elsewhere, Mr. I’ve Owned FeedCat for one month and have scared away all the customers.”  There was no newsletter, no warning, no nothing. 

  2. Like i said in a different post on a different forum, I’ve detected the hijack 2 weeks into it after losing a great amount of clients/customers and the numbers in my analytics and server logs were not making sense (great traffic but less than 5 seconds on the site and a high bounce rate!). 

    either way, I contacted feedcat’s tech support in which one of their developer had assured me that the issue has been resolved.  Is anyone still experiencing any issues related to feedcat?  If so, please DO TELL! 

  3. In behalf of Feedcat.net I want to say we are sorry for the incident this may have caused. 

    You can rest assured such behavior won’t happen in the future and the popup ads have been removed.

    Sincerely,
    Feedcat.net

Comments are closed.

You May Also Like