Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Author AITpro

    (@aitpro)

    This does not look like typical injected links/code. Usually the code is disguised. These look more like advertising links. Which Theme are you using? Does it come with these links already in the footer?

    Plugin Author AITpro

    (@aitpro)

    Or maybe the links are from a plugin such as a plugin that connects to these sites. The sites look legit and are not blacklisted sites.

    Thread Starter Daniella

    (@ellaj)

    Is there a way to pinpoint where they came from? I’m using a StudioPress theme so I doubt it’s that.
    Thank you!

    Plugin Author AITpro

    (@aitpro)

    Do you have any plugins installed that do anything with games/Flash games?

    Thread Starter Daniella

    (@ellaj)

    No.

    Plugin Author AITpro

    (@aitpro)

    What happens when you remove the footer advertising links – do they come back automatically?

    Thread Starter Daniella

    (@ellaj)

    No, they are still gone.

    Plugin Author AITpro

    (@aitpro)

    Ok that would be another indication that this is not injected code. Typically injected code is after the fact. A hacker’s payload contains several different types of files. Some are hidden backdoor files, some can be Shells, some create new files (file regenerators) if you find some of the hacker files and some just do end result stuff like add malicious code/links/code injection. Code injection typically happens repeatedly until you find all of the files in a hacker’s payload.

    Logically either these links were included in something you installed or were manually added later by someone who logged into your site. It is also possible that someone could have cracked your FTP password and manually edited files to add these links.

    None of the factors/symptoms/etc involved indicate a typical hacker pattern/action. The sites are legitimate sites and for the links not to be hidden/disguised/obfuscated would be a huge risk for them to get their sites blacklisted. Both of these sites are owned by the same person.

    My advice to you is change all of your passwords: WordPress, FTP, …
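One way to pinpoint where hard-coded footer links live, and whether the file was edited after install, is sketched below as an added example (not code from this thread or from the plugin author). The site host `mysite.example`, the ad host `ads.example.net`, the one-day `slack` threshold and the sample theme files are all constructed assumptions.

```python
import os, re, tempfile
from urllib.parse import urlparse

HREF_RE = re.compile(r'href\s*=\s*["\'](https?://[^"\'\s>]+)', re.I)

def find_external_links(root, own_hosts, exts=(".php", ".html", ".js")):
    """Return (path, line_no, url) for each hard-coded link to a host outside own_hosts."""
    own = {h.lower() for h in own_hosts}
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            if not name.lower().endswith(exts):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                for no, line in enumerate(fh, 1):
                    for url in HREF_RE.findall(line):
                        host = (urlparse(url).hostname or "").lower()
                        if host and not any(host == o or host.endswith("." + o) for o in own):
                            hits.append((path, no, url))
    return hits

def modified_later(root, hits, slack=86400):
    """Hit files changed more than `slack` seconds after the tree's median mtime,
    i.e. probably edited after the theme/plugin was installed."""
    mtimes = sorted(os.path.getmtime(os.path.join(d, f))
                    for d, _s, fs in os.walk(root) for f in fs)
    if not mtimes:
        return []
    baseline = mtimes[len(mtimes) // 2]
    return sorted({p for p, _n, _u in hits if os.path.getmtime(p) > baseline + slack})

def demo():
    """Constructed sample: a three-file theme where footer.php was edited a week later."""
    root = tempfile.mkdtemp()
    files = {
        "header.php": '<a href="https://mysite.example/">Home</a>\n',
        "functions.php": "<?php // theme setup ?>\n",
        "footer.php": '<p>Copyright</p>\n<a href="http://ads.example.net/games">Free games</a>\n',
    }
    install = 1_600_000_000  # constructed install time (epoch seconds)
    for name, body in files.items():
        path = os.path.join(root, name)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
        t = install + (7 * 86400 if name == "footer.php" else 0)
        os.utime(path, (t, t))
    hits = find_external_links(root, ["mysite.example"])
    return ([(os.path.basename(p), n, u) for p, n, u in hits],
            [os.path.basename(p) for p in modified_later(root, hits)])

if __name__ == "__main__":
    print(demo())
```

Modification time is only a hint, since theme updates and re-uploads reset it. Links stored in the database (widgets, theme options) will not appear in a file scan.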

    Thread Starter Daniella

    (@ellaj)

    Thank you very much.

    Plugin Author AITpro

    (@aitpro)

    fixed typos and added additional info above…

    Plugin Author AITpro

    (@aitpro)

    Sure no problem. I try to stay away from pointing fingers, but my gut is telling me that someone you allowed admin access to your site did this. ??

  • The topic ‘Code Injection’ is closed to new replies.