It’s very common for us here at Sucuri to face SEO injections on almost any type of CMS-based site. Today, I’ll be presenting how one particularly ingenious malware manages to hide so well inside a WordPress website.
The Traditional Approach
There are two common approaches attackers use to inject SEO spam on websites:
- Injecting HTML code for concealed elements in theme files
- Injecting fake spam posts in the WordPress database
Both approaches are readily found during Sucuri’s routine remediation process.