Turbo VM Extension injecting code
For those of you who have found the same thing. Enter Turbo VM Extension.
I was in the latter stages of developing a WordPress theme when I found a strange section of code inserted at the bottom of the page. I originally thought it was a mistake in my code as there was a large white space at the bottom of the page until I used the console log on Google Chrome and noticed the following:
<div id=”spoon-plugin-kncgbdglledmjmpnikebkagnchfdehbm-2″ style=”display:none”></div>
Upon Googling this issue I found the snippet turned up in a few places. At the bottom of a piece of code on Github, bottom of forum signatures, and inside the code of other WordPress themes. Always at the bottom.
That day I had downloaded Turbo.net Launcher, a browser emulator. To create a login for the launcher I used spoon.net (seeing the connection now?). Turbo VM Extension is a Google Chrome Extension. When it is switched on, for some reason it injects itself into specific websites.
For now I have disabled the extension whilst I research it a little more…