Hacked - Blackhat SEO Spam (3 posts)

  1. stacyjuba
    Posted 2 years ago #

    I updated to the latest version of WordPress a couple days ago and almost immediately afterwards I noticed my server got really sluggish. I thought at first that it was my host, Go Daddy, but today I noticed when I was trying to access my dashboard it said something like cloud.net as the address it was trying to go to.

    My site is http://stacyjuba.com/blog/

    I ran a Sucuri scan and a bunch of pages have malware in the URL. It also indicated that this was the problem:


    <script type='text/javascript'>if(document.getElementById('hideMe') != null){document.getElementById('hideMe').style.visibility = 'hidden';document.getElementById('hideMe').style.display = 'none';}</script><div id="page">

    I found the script once in my source code but then after I removed that section, my page design got split up and messed up so I pasted the script back where I found it and now it looks okay again. Also even when the script was removed, I did the scan again and I still got the same list of infected pages and the above message.

    How do I get rid of the script and what else should I look for? I did a scan for suspicious files and it didn't find anything overly conclusive - a few files to check but one was from a plug in I put in today. (Evergreen Post Twitter) The sluggishness server problems started before I added that plug in.

    I know I need to change passwords and secret keys once problem is fixed but any other advice on how to get rid of it would be appreciated. I don't see any other users on my site.

  2. Krishna

    Posted 2 years ago #

  3. timmypotz
    Posted 2 years ago #

    I tried to scan your website again and its clean now.

Topic Closed

This topic has been closed to new replies.

About this Topic