The Man Behind Plugin Spam: Mason Soiza

This is a follow-up to our story titled “Display Widgets Plugin Includes Malicious Code to Publish Spam on WP Sites“. In this post, we explore who is behind the purchase and corruption of the Display Widgets plugin and at least two other popular WordPress plugins. As part of my research into the sale of the…

Display Widgets Plugin Includes Malicious Code to Publish Spam on WP Sites

If you have a plugin called “Display Widgets” on your WordPress website, remove it immediately. The last three releases of the plugin have contained code that allows the author to publish any content on your site. It is a backdoor. The authors of this plugin have been using the backdoor to publish spam content to…

404 to 301 Plugin Considered Harmful

Yesterday we received a site cleaning request where one of our customers was seeing spammy links, Payday Loans in this case, injected into their WordPress website page content. The links were only appearing when the site was visited by a search engine crawler. This is common when a site has been hacked. An extract from the…

Seo-moz.com SEO Spam Campaign

Here at Sucuri we handle countless cases of SEO spam. This malware involves a website being compromised in order to spread (mostly pharmaceutical) advertisements by linking visitors to unwanted websites and stuffing spam keywords into the site. These links and keywords help the spam websites to rank higher in search engines like Google, sending evenRead…