Hacked: Hidden Links

  • socialdecoy

    (@socialdecoy)


    15 years, 11 months ago

    When I do view source on my Web page, I find lots of garbage hidden links.

    I didn’t put them there and my blog has been removed from google because of these links (I actually received a notice from Google about this).

    It isn’t really clear to me if the unwanted content is in the database or a template (the WordPress software) as I’ve just started to investigate.

    I don’t know how often WordPress gets hacked but I did a search for some of the text in my message from google and found that there are a lot of people who got hacked. Here is the text I searched for: “While we were indexing your webpages, we detected that some of your pages”.

    Is the answer to this problem to just upgrade to the latest WordPress?

    I expected to find something at this site mentioning it. I poked around a bit in the site and the forum and I don’t see anything yet.

    One problem is to get rid of the unwanted garbage, but the other is to prevent it.

    Has anyone seen this?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Keilya

    (@fantasycrusader)

    15 years, 11 months ago

    Well yes…I would say the common sense thing to do is to always upgrade to the latest version. I know there are some who don’t want to because of plugins compatibility issues. But honestly tell me, is the security of your site less important than a plugin which you could prolly find another way around?

    I’d just like to add that upgrading to the latest version is not entirely 100% hacker-safe, as with all other php scripts, but it is definitely much more safer than running an old version.

    Thread Starter socialdecoy

    (@socialdecoy)

    15 years, 11 months ago

    Upgrading might make the hacks less likely to happen but what about fixing the problem? Isn’t there a list of known hacks somewhere and what to do for each one? Or do I need to figure it out by myself?

    Keilya

    (@fantasycrusader)

    15 years, 11 months ago

    Hmm….I’m not sure about that. But some hacks yes…those that have affected many blogs on a large scale. Just do a search on the forums with the word “hacked” and you should see some of them. (:

    Normally I don’t really think there is a solution besides deleting those lines yourself. Because afterall, it isn’t really a worm or virus in your server, just lines. @.@ (Well if the hacker managed to plant worms in, that’ll be waay much more trouble. x.x)

    aitchbeeuk

    (@aitchbeeuk)

    15 years, 11 months ago

    This is not a solution, just sharing my experience-
    Over two months worth of posts have disappeared from the web site. I have downloaded the XML file of posts and discovered that the missing posts were still in the file but that everyone had been infected with spam. The spam is in the form of hidden links to porn sites. I went through the file and deleted all the spam and then uploaded the file back to WordPress using the import posts utility. I thought that this might clear out the infected files by replacing them but this does not seem to have worked. By looking at the comment id, I can still load up the infected files. The porn links of course aren’t visible in normal view but if I view the source, they still appear. I would like – a) to get rid of the infected links and b) to replace the fifty or so posts with the cleaned up version without spending hours and hours in the process. The version of WordPress I am now using is 2.5.

    rosiembanks

    (@rosiembanks)

    15 years, 11 months ago

    There has been plenty written about similar attacks:

    Security Issue, Multiple Sites

    Weird and Dangerous : ro8kfbsmag.txt

    …and an excellent article here:
    Has Your WordPress Been Hacked Recently

    There are lots of helpful solutions listed in them, too.

    Roy

    (@gangleri)

    15 years, 11 months ago

    The question is quite different than it’s posed here. You get hacked (fortunately I don’t have the experience). This can be done by a number of ways, such as a vulnerable site on a shared server, an insecure plugin or perhaps even a bug in WP itself. Then there are several kinds of hacks. What I think I read above it probably that your theme has been compromised, so if you upgrade to another WP but use the same theme with the infected files, nothing changes. If a hacker cracked your password (to WP, to your database, to your FTP server, your control panel, etc.) and you don’t change it, upgrading isn’t going to solve the problem. There’s a lot of things to think about when you get hacked. Screen your files, especially those that you want to use again, change passwords (ALL) to something hard to crack and most importantly “harden WordPress” ones you’ve got things clean again to prevent to be hacked again in the future.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Hacked: Hidden Links’ is closed to new replies.