Title: sitesecure's Replies | WordPress.org --- # sitesecure [ ](https://wordpress.org/support/users/sitesecure/) * [Profile](https://wordpress.org/support/users/sitesecure/) * [Topics Started](https://wordpress.org/support/users/sitesecure/topics/) * [Replies Created](https://wordpress.org/support/users/sitesecure/replies/) * [Reviews Written](https://wordpress.org/support/users/sitesecure/reviews/) * [Topics Replied To](https://wordpress.org/support/users/sitesecure/replied-to/) * [Engagements](https://wordpress.org/support/users/sitesecure/engagements/) * [Favorites](https://wordpress.org/support/users/sitesecure/favorites/) Search replies: ## Forum Replies Created Viewing 3 replies - 1 through 3 (of 3 total) * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Receiving Reported Attack Site](https://wordpress.org/support/topic/receiving-reported-attack-site/) * [sitesecure](https://wordpress.org/support/users/sitesecure/) * (@sitesecure) * [16 years, 10 months ago](https://wordpress.org/support/topic/receiving-reported-attack-site/#post-821101) * This has happened to many of my clients recently, largely due to some viruses that after infecting a local machine, recovers stored user id/pw information for FTP from the PC. The virus then uploads hidden iframe scripts into pages, causing visitors to these pages to get infected. * Fortunately, Google is finding these quickly and blocking access to the site, but unfortunately many unknowing site owners are not removing the scripts and/ or don’t know how to go about requesting Google review the site. You can find information on how to request a review from Google at [http://googlewebmastercentral.blogspot.com/2008/08/hey-google-i-no-longer-have-badware.html](http://googlewebmastercentral.blogspot.com/2008/08/hey-google-i-no-longer-have-badware.html). * If you need assistance in removing the content that caused the malware/attack site label, I’ve found [http://www.iframehack.com](http://www.iframehack.com) to be fantastic. They have assisted me with several sites that I manage and each time the infection was removed and with their assistance, the Google block was removed within a couple of days. * Hope this helps others out there! * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [WordPress hacked](https://wordpress.org/support/topic/wordpress-hacked-5/) * [sitesecure](https://wordpress.org/support/users/sitesecure/) * (@sitesecure) * [16 years, 10 months ago](https://wordpress.org/support/topic/wordpress-hacked-5/page/2/#post-1049391) * If you are having trouble removing the scripts from your pages and/or getting your site back into Google’s good graces, you might want to check out [http://www.iframehack.com](http://www.iframehack.com). Their blog provides quite a bit of information on the hack, including a list of the domains that these hidden iframes are directing traffic to, and provide a service that removes the malicious content from all of the pages on your site that were affected by the virus/trojan and assists with getting the site reincluded in Google results and having the “attack site” label removed. * Hope this helps someone! * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [iFrame Hack on Several WP Sites](https://wordpress.org/support/topic/iframe-hack-on-several-wp-sites/) * [sitesecure](https://wordpress.org/support/users/sitesecure/) * (@sitesecure) * [16 years, 10 months ago](https://wordpress.org/support/topic/iframe-hack-on-several-wp-sites/page/2/#post-1114122) * If you are having trouble removing the scripts from your pages and/or getting your site back into Google’s good graces, you might want to check out [http://www.iframehack.com](http://www.iframehack.com). Their blog provides quite a bit of information on the hack, including a list of the domains that these hidden iframes are directing traffic to, and provide a service that removes the malicious content from all of the pages on your site that were affected by the virus/trojan and assists with getting the site reincluded in Google results and having the “attack site” label removed. * Hope this helps someone! Viewing 3 replies - 1 through 3 (of 3 total)