Plugin Killer: WordPress Malware Disables Security Plugins
A malicious PHP file that was disabling common WordPress security plugins before injecting SEO spam onto the infected website.
Hidden Seo Spam Links
Many times when a website has been injected with SEO spam the owner is unaware of it until they begin to receive warnings from search engines or blacklists. This is by design as the attacker arranges the display of the website so that the links are not going to be visible by average human traffic.
No SEO spam visible to human traffic, but it exists out of sight.
One way to do this is to use design elements to “push” the injected SEO spam links off the visible portion of the website.