WordPress.org

Support

Support » How-To and Troubleshooting » Hacked – Blackhat SEO Spam

Hacked – Blackhat SEO Spam

  • I updated to the latest version of WordPress a couple days ago and almost immediately afterwards I noticed my server got really sluggish. I thought at first that it was my host, Go Daddy, but today I noticed when I was trying to access my dashboard it said something like cloud.net as the address it was trying to go to.

    My site is http://stacyjuba.com/blog/

    I ran a Sucuri scan and a bunch of pages have malware in the URL. It also indicated that this was the problem:

    Details:

    http://sucuri.net/malware/entry/MW:SPAM:SEO
    <script type='text/javascript'>if(document.getElementById('hideMe') != null){document.getElementById('hideMe').style.visibility = 'hidden';document.getElementById('hideMe').style.display = 'none';}</script><div id="page">

    I found the script once in my source code but then after I removed that section, my page design got split up and messed up so I pasted the script back where I found it and now it looks okay again. Also even when the script was removed, I did the scan again and I still got the same list of infected pages and the above message.

    How do I get rid of the script and what else should I look for? I did a scan for suspicious files and it didn’t find anything overly conclusive – a few files to check but one was from a plug in I put in today. (Evergreen Post Twitter) The sluggishness server problems started before I added that plug in.

    I know I need to change passwords and secret keys once problem is fixed but any other advice on how to get rid of it would be appreciated. I don’t see any other users on my site.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hacked – Blackhat SEO Spam’ is closed to new replies.