A year ago I was helping a friend to make his homepage with Joomla. We needed a facebook fan page module. Actually we didn't needed it, but I was too lazy to add the facebook fan page code myself as I had to edit the template (to do it the HTML5 way...). So instead of doing it myself - I went on a hunt for a good Facebook page module. After a short look at the JED I found my module - it had the best reviews... I tested it - it worked! Hurray!
Unfortunately the other day the facebook fan box was not displayed by the module anymore. So today I decided to have a look at the actual HTML code that was generated & I was shocked to discover a hidden link. The link was pointing to a shop for flowers, so at least it is not a malware site... I immediately thought that the site was hacked and I went to look at the PHP code of the module. It turns out the website was not hacked & the link is generated by the module code. So I downloaded the last version of the module and had a look at the code again - well, this time there was again a hidden link, but it was pointing to another site. (you know what that means right?)