On February 16 to February 17, 2017, malware gained access to my 3d.coldstreams.com web site. The malware generated spam messages that were routed to my Twitter, Facebook and Tumblr account pages.
This malware attack occurred while our Internet access was down (or mostly down) over the past 3 days. Fortunately, Internet service has been restored today and I have removed the spam messages from the Twitter and Facebook pages – still need to clean up the Tumblr page.
I believe I have successfully deleted the malware from the web site as there have been no more spam messages sent during the past 90 minutes.
My guess is the malware infected a “plug in” to the web site. Specifically, I think the plug-in was infected as part of a plug-in update. When the web site automatically updated to new versions, it downloaded the infected new code, installed that and began spamming.