Quick Cash Advance

I have some spam that is showing up in select RSS Feed readers of my blog:

The spam/link is "Quick Cash Advance With Small Commissions" and seems to be showing up consistently after the first paragraph of the blog post on Google and Yahoo RSS Feed Readers. It does not appear on the site itself or the RSS feed view on the site itself. I had a similar problem several months ago with the Pay Day Loan spam and was able to find the malicious code in a couple different files. Haven't had any problems since but not having much luck this time around. This problem showed up one day after I was experimenting with different Instagram posting plugins, all of which I have since removed but the problem remains.

Can anyone point me to the specific files that might contain the malicious code?

I have already taken several steps to include re-loading WP 3.5.1 and most of my plugins.

Thanks in advance for your help
Chris

Jo Biesta
Posted 2 years ago

Hi Chris

I had a similar issue with my site once, what it ended up being was base64 links which had been hacked into some of my files.

Have a google for wordpress base64 hack, this should bring up some posts which may help. It was a while ago but I think the links on my site were along the lines of eval(base64_decode('randomcharacters')).

Interesting facts

• Build-a-lot is a 2007 casual video game for Microsoft Windows. The object of the game is to construct, upgrade and sell houses for profits. They can flip houses for quick cash or collect rent to make funds go up. Players help mayors from eight different areas and through 35 different levels to complete the game. Build-a-lot was created by...