SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwjs4359

malware-entry-mwjs4359

Description:

A remote javascript from www.feedcat.net was found on the site. Feedcat was recently sold and it is now being used to distribute malware and redirect sites that had their old widget installed.

 

Domains used in this attack:


http://www.feedcat.net/js2/button.js
http://continue_.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIAIKDZBVZT6ABSN6MA&Expires=1311380327&Signature=mb6bZtwVtRx7LKWE7uPJ9znhSfc%3D

Affecting:

Any web site sites (no specific target)

 

Clean up:

Sign up here to get it clean up: Signup

 

Malware dump (sample of malware):


http://continue_.s3.amazonaws.com/index.html?AWSAccessKeyId=AKIAIKDZBVZT6ABSN6MA&Expires=1311373754&Signature=60QGS34LES2ymcgNXV2WT1Iq2Zg%3D
http://www.feedcat.net/js2/button.js