It’s very common for us here at Sucuri to face SEO injections on almost any type of CMS-based site. Today, I’ll be presenting how one particularly ingenious malware manages to hide so well inside a WordPress website.

The Traditional Approach

There are two common approaches attackers use to inject SEO spam on websites:

1. Injecting HTML code for concealed elements in theme files
2. Injecting fake spam posts in the WordPress database

Both approaches are readily found during Sucuri’s routine remediation process.

Continue reading Clever SEO Spam Injection at Sucuri Blog.

Via Sucuri.net