We recently had a new client come to us with a rather peculiar issue on their WordPress website: They were receiving unwanted popup advertisements but only when the website was accessed through links posted on FaceBook. Initially we thought that this must be a rogue ad coming through an otherwise legitimate advertising network but it turned out to be a very well crafted and hidden spam injection.

In this post we will review this infection, outline the steps we took to find it, and explain how to prevent your website from falling victim to spam injections.

Continue reading Magbo Spam Injection Encoded with hex2bin at Sucuri Blog.

Pin It on Pinterest