WordPress.org

Support

Support » How-To and Troubleshooting » Blackhat SEO 4 rogue files added

Blackhat SEO 4 rogue files added

  • Hi, I’m hoping someone can identify the hack my site is experiencing. I discovered it when I did a WooRank evaluation of my site and it showed cialis spam in the description. The one blog post I read describing the “Pharma hack” did not sound the same as my problem. I also used Sucuri and it found blachat seo javascript in more of my pages. Google has listed it in the search rankings as compromised. I believe this occurred in the last few weeks at some point, if not in the last week.

    An Exploit Scanner check found 4 added files with similar suspicious looking code, the files are:

    wp-admin/includes/class-wp-option.php
    wp-admin/admin-meta.php
    wp-includes/theme-compat/author.php
    wp-includes/class-locale.php

    Also most my files are permissions 604, and these files stood out as being 644. I’m still looking for more weird files and examining the Exploit Scan results, and about to look in my database for any added users. Sort of working my way thru the ‘you’ve been hacked’ guides, but would love if anyone could point me to specifics about this particular hack.

    Thanks!

Viewing 5 replies - 1 through 5 (of 5 total)
Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Blackhat SEO 4 rogue files added’ is closed to new replies.
Skip to toolbar