A PHP backdoor that injects its payload into the default PHP error_log

Many times when a website has been injected with SEO spam the owner is unaware of it until they begin to receive warnings from search engines or blacklists. This is by design as the attacker arranges the display of the website so that the links are not going to be visible by average human traffic. No SEO spam visible to human traffic, but it exists out of sight. One way to do this is to use design elements to “push” the injected SEO spam links off the visible portion of the website.