Sucuri reports, Advanced Search plugin as spam

1 Comment

This morning Sucuri reported that a website called seems to be behind a series of blackhat spam cases. Code found on compromised websites includes a call to for a Javascript file that hides a slew of spam links on the targeted website.

Along with the spam, the same group’s “Advanced Search” plugin includes hidden links and another callback to the website. The plugin itself has been removed from the plugin directory. If you’re already using the plugin, you should remove it immediately and run your site through a scanner (like Sucuri’s SiteCheck tool) right away.

For a breakdown of the offending code snippets, and exactly what to look out for on your blog, see Sucuri Security’s blog post.

One thought on “Sucuri reports, Advanced Search plugin as spam

  1. Yes, is a bad site and this has been known since last sometime mid-2011. It’s globally banned from all of, including the plugins directory. Every once in a while, they create a new account and try to sneak in more malware plugins.

    The plugin that Securi is referring to (advanced-search-plugin) was removed from the Plugins directory back in October. Since then, they’ve tried to get in at least 4 times I know of.

Comments are closed.