Spam Redirection Embedded in Feeds

Thanks to Todd for alerting me that a low life spammer was exploiting Feed2JS to redirect feed links to their product site. It was clever, coy, and annoying all in one package.

The spammer was generating a feed that had embedded javascript in the channel->description field of the feed, and when rendered via Feed2JS with the HTML option, it actually was able to redirect a browser using the embedded Feed2JS code to redirect and go to another site. They are getting away to it, since the links are to numerous Feed2JS sites around- so and thus appear as legitiamte links when really they all serve to point to the spammers nest.

Specifically affected, are Feed2JS installed at:

* http://feed2js.org/ (which is DOA, someone please rap the knuckles of my former Maricopa colleagues, and ask them to check the darn XServe, hello?)
* http://www.library.yale.edu/feed/
* http://basw.co.uk/feed2js/
* http://alabelmizik.com/newhnr/newsfeed/
* http://coetechcenter.wichita.edu/feed/
* http://www.sleepmonsters.us/feed/
* http://www.asturblog.com/rss/feed2js/
* http://www.hellblazer.com/feed/
* http://franklin.tbo.net/feed2js/

If any of these are your sites, you may want to get an updated version of Feed2JS. I’ve made a quick code adjustment that disables the script insertions this spammer used, and is now available from the primary Feed2JS site at http://feed2js.org/index.php?s=download, or email me and I can send the one line of code that is updated.

It’s sad and pathetic that these sub human life forms waste my time picking up their cockroach poop piles. I did notice that the site the spammer redirects to uses Google Analytics, and I have forwarded full documentation to Google in the hopes their page rank and use of Google technology is flushed down the sewer.

I am rather sickened that this code I launched in the name of sharing is used for selfish pursuits, and also regret I have not had enough time to tend to its upkeep…. and worse that a lot of pages are still hanging on to the old Maricopa site which is out of commission.

If this kind of stuff has any value, please support me monthly on Patreon or a one time PayPal kibble toss
Profile Picture for Alan Levine aka CogDog
An early 90s builder of the web and blogging Alan Levine barks at CogDogBlog.com on web storytelling (#ds106 #4life), photography, bending WordPress, and serendipity in the infinite internet river. He thinks it's weird to write about himself in the third person.


Comments are closed.