Sorry for replying to such an old topic, but there is not much information on this so figured people still aren't sure what it is.
linkfeed.php will be found on servers hacked with, usually an xss exploit. Usually the file "linkfeed.php" and "linkfeed.links.db" files wll be found in /images/something/[somethingbiglongandrandomlotsoflettersnumbers], sometimes it will be found in /incldues also, among other folders.
additionally you will find your index file , in the end, will have a lot of base64 stuff.
this is a way that spammers use to generate links for high google serps.
the base64 stuff you can decode online, it usually will contain the document root, location of linkfeed files, username of the hacker, etc etc.
even if your website was hacked doesn't mean the links will be visible as its automatic and doesn't "check" after the hack, it just moves on - view source.
ALSO, they will in general install (or try to) install a backdoor.
this attack from what i can tell is 100% automatic and not personal.
If you were hacked, you need to patch + clean up.
a few websites that use the xss scanning robot to hack/exploit and spam links:
ordercustompaper.com
academicexperts.us
advancedwriters.com
affordablepapers.com
bestessaytopics.com
blogscribes.com
buycollegepaper.com
buyessay.org
buyresearchpaper.net
buytermpaper.net
custom-writings.com
customwritings.com
customwritingservice.com
it-doctor.com.ua
essay-answers.com
essayforyou.com
essaylib.com
essaymoney.com
essaymonitoring.com
essaysexperts.com[DND*]
gpalabs.com
gradelancer.com
historypapers.org
lawpapers.net
stim.kiev.ua
livepaperhelp.com
mastersthesiswriting.com
midterm.us
ordercustompaper.com
orderessay.net
plagiarismdetect.com
primewriters.com
revisionlabs.com
thepensters.com
arenda.com.ua
0 replies