I've got a challenging Pharma Hack with a client. I have been dealing with that is very similar to the thread I found here:
So I did some further research about it and found a number of resources:
- http://www.pearsonified.com/2010/04/wordpress-pharma-hack.php (most informative one I found)
I have cleaned out my files looking for injected code, re-installed wordpress, updated/changed out dated plugins, cleaned out database (reverted to an older database prior to the hack), new ftp user, new passwords, new wordpress passwords, new mysql database/password
After this, I have resubmitted the site to Google, updated sitemap and request crawling for individual pages.
Yet the titles in Google search still appear on a number of the pages when searching the site. However, searching directly for the site with Google's search operator site: the titles are as intended.
Could this just be Google's cache not updating yet or is it possible the injected code is still being applied?
Note: After reinstalling wordpress last night I checked this morning to see if any new files have been injected into the site and there doesn't appear to be any.
I've contacted my server provider (Dreamhost) about this and waiting for a response too.
Any advice would be of huge help.