A year ago I was helping a friend to make his homepage with Joomla. We needed a facebook fan page module. Actually we didn't needed it, but I was too lazy to add the facebook fan page code myself as I had to edit the template (to do it the HTML5 way...). So instead of doing it myself - I went on a hunt for a good Facebook page module. After a short look at the JED I found my module - it had the best reviews... I tested it - it worked! Hurray!
Unfortunately the other day the facebook fan box was not displayed by the module anymore. So today I decided to have a look at the actual HTML code that was generated & I was shocked to discover a hidden link. The link was pointing to a shop for flowers, so at least it is not a malware site... I immediately thought that the site was hacked and I went to look at the PHP code of the module. It turns out the website was not hacked & the link is generated by the module code. So I downloaded the last version of the module and had a look at the code again - well, this time there was again a hidden link, but it was pointing to another site. (you know what that means right?)
Yesterday I was reading an article that was stating that according to Microsoft 78% of the downloaded software on the internet through P2P or other untrusted websites has malware in it. In my case this joomla module didn't have malware in it, but it was also not nice to discover a hidden link there.
As it seems somebody else has found this hidden link before me, because the module is not anymore listed on the JED. But this goes to show that you should not blindly trust the code of people that you don't know. So my rule of thumb right now would be - if the developer of a particular extension is new to joomla, not well known for producing quality code - then look at his code for hidden surprises!
This goes to you too! Be careful where you download your next joomla extension!