
WordPress Blogs and More Hacked by Google Redirects

Hackers are just determined. There are no new security flaws reported recently in WordPress, but that hasn’t stopped imaginative and determined hackers.

The recent security issues concern hackers who target visitors arriving from Google and other search engine results and redirect that traffic away from your blog or website. The searcher clicks on the link in the search results and is redirected to the hacker’s site, carrying along the same search string used in the search engine. Most bloggers notice a problem when their site traffic drops inexplicably and/or their ad income drops.
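One way to check a site for this behavior from the outside is to request the same page twice, once directly and once claiming to arrive from a search result, and compare the answers. This is an added example, not code from the original post; it assumes the redirect is triggered by the Referer header and happens at the HTTP level, and SEARCH_REFERER, fetch, check_referer_redirect and the local stand-in server are constructed for the illustration.

```python
import http.client
import http.server
import threading
from urllib.parse import urlsplit

# Constructed Referer that imitates a click on a search result.
SEARCH_REFERER = "https://www.google.com/search?q=constructed+test+query"

def fetch(url, referer=None):
    """GET url once without following redirects; return (status, Location)."""
    u = urlsplit(url)
    secure = u.scheme == "https"
    conn = (http.client.HTTPSConnection if secure else http.client.HTTPConnection)(u.netloc, timeout=10)
    try:
        path = (u.path or "/") + ("?" + u.query if u.query else "")
        conn.request("GET", path, headers={"Referer": referer} if referer else {})
        resp = conn.getresponse()
        resp.read()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def check_referer_redirect(url):
    """Flag a page that redirects off-site only when the visit claims to come from search."""
    direct, via_search = fetch(url), fetch(url, SEARCH_REFERER)
    target = urlsplit(via_search[1] or "").hostname
    suspicious = (via_search[0] in (301, 302, 303, 307, 308) and direct[0] == 200
                  and target not in (None, urlsplit(url).hostname))
    return {"direct": direct[0], "via_search": via_search[0],
            "redirect_host": target, "suspicious": suspicious}

class ConstructedSite(http.server.BaseHTTPRequestHandler):
    """Local stand-in that behaves as the post describes, used only to exercise the check."""
    def do_GET(self):
        from_search = "google." in self.headers.get("Referer", "")
        self.send_response(302 if from_search else 200)
        if from_search:
            self.send_header("Location", "http://redirect-target.invalid/?q=constructed")
        self.end_headers()

    def log_message(self, *args):  # keep the demo quiet
        pass

def demo():
    server = http.server.HTTPServer(("127.0.0.1", 0), ConstructedSite)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return check_referer_redirect("http://127.0.0.1:%d/" % server.server_port)
    finally:
        server.shutdown()
        server.server_close()
```

A redirect injected as JavaScript in the page body leaves the status line at 200, so this check covers server-side redirects only. A site that always redirects, for example from http to https, is deliberately not flagged.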

This is not a WordPress-specific issue. Many non-WordPress blogs have been hit by this redirect technique over the years. WordPress blogs seem to be a new target, which is probably because there are so many and such a strong and vocal community to speak out against such abuse.

Donncha O’Caoimh has written Did Your WordPress Site Get Hacked? on how this works, how to detect the redirects, and offers tips on how to stop it.

Peter’s Useful Crap also published information to change the notifications on WordPress blogs on Linux to avoid being exploited and prevent future exploits by hackers.

This issue is discussed in the in WordPress Hacked and Redirected … Again and My WordPress Blog Hacked with Redirect! and the following articles also include information on this new redirection hacking technique:

I covered a lot of issues on how to find out if your blog has been hacked in WordPress Security Prevention, Reactions, and Scares. Remember, the best protection from most hackers and security vulnerabilities is prevention.

If you have an issue with WordPress, report it in the . If you discover a security issue, report it immediately via security@wordpress.org.

Copyright Lorelle VanFossen, the author of Blogging Tips, What Bloggers Won't Tell You About Blogging.

16 Comments

  1. Posted June 11, 2008 at 7:50 pm | Permalink

    Thanks for these resources Lorelle, I read up on Donncha’s post about checking our blogs for traces of being hacked earlier today and I am still in the process of beefing up my security. I’m still left to wonder if those rss_#’s entries in my database are all evil though…

    I think the WP Security Scan plugin in the repository is definitely useful, at least as a basic initial step.

  2. Posted June 12, 2008 at 4:18 am | Permalink

    This news, piled on top of all the other “WordPress hacked” announcements, doesn’t make me afraid, but it does seem like all of it could make the non-WP public afraid to use WordPress, regardless of the fact that it’s not a flaw in the code. Any stats on download rates?

  3. Posted June 12, 2008 at 9:12 am | Permalink

    @ Jonathan:

    There is a Download Counter for WordPress, though it isn’t a statistical report. However, from what I hear, WordPress use is not only increasing dramatically, it is being embraced by corporations, educational institutions, and governments faster than ever before.

    Security issues have been around since the beginning, even before the Internet. The time wasting evil doers, of which there are few, will continue to be the playground bullies online. Luckily, WordPress developers and fans are determined to fight back, which says a lot about WordPress. They don’t jump on suspicions but facts. With improvements in the new WordPress Administration Panels, they also now have a way to alert users of problems immediately, which accompanies their Email Alert Notification subscription.

    If we pay more attention to the bad guys, who thrive on the attention, they win. There are tons of reasons to use WordPress and only a few reasons not to.

  4. Posted June 12, 2008 at 9:15 am | Permalink

    I haven’t seen anything on my site yet, but I’m keeping an eye on it. It would suck if that happened to me and I think I’d quit blogging because of it.

  5. Posted June 12, 2008 at 5:09 pm | Permalink

    As I have read somewhere, good writers aren’t security experts. These recent developments in WordPress security bring additional worries to bloggers like me. Instead of focusing our efforts on writing good articles, our time is now divided between maintaining good traffic thru good articles and keeping the bad guys out of our blogs.

    I hope someone would create a WP plugin to detect anomalies in a WordPress installation.

  6. Posted June 12, 2008 at 5:21 pm | Permalink

    @ Arthur:

    There already are. See WordPress Security Prevention, Reactions, and Scares for details.

    @Jenny: If you quit because your blog is hacked, they win.

  7. Jonathan
    Posted June 12, 2008 at 8:08 pm | Permalink

    There is a Download Counter for WordPress

    Wow, that’s awesome! Almost 1.2 Million downloads for 2.5 alone. I remember when we hit that mark for WordPress as a whole, and now for just one version. Do you think that number counts Subversion checkouts, also?

  8. Posted June 13, 2008 at 11:09 am | Permalink

    I blogged about it here in Is Your WordPress Site Safe from Hackers?, and mention a great security plugin written by Cherie that will help troubleshoot the entrance point should the unthinkable happen to you.

  9. Posted June 13, 2008 at 5:53 pm | Permalink

    @ Jonathan:

    I just wish they didn’t restart the count with every new major version. I’d love to see the cumulative counts for all the different versions, starting as far back as they can. Wouldn’t that be slick!

  10. kord1
    Posted June 15, 2008 at 3:11 pm | Permalink

    do u know about xat? cause i have seen that on some wordpress’s but it doesn’t work on mine like the meebo thing

  11. kord1
    Posted June 15, 2008 at 3:11 pm | Permalink

    plz tell me how to do it

  12. Posted May 26, 2011 at 8:03 pm | Permalink

    Well, finally I have found the solution. At least some keywords don’t show up Cialis no more.
    You should go to webftp and find the files that contain Drugstore and eval (gzinflate(base64_decode(.
    Delete the files if they are not WordPress files, and remove the virus line in WordPress files such as wp-config.php.

    You could read the detail here.
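The search described in the comment above can be done in one pass over a copy of the site's files. This is an added example, not code from the commenter or from WordPress; the scan and demo functions, the sample tree and the short KNOWN_WP_FILES list are constructed for the illustration, and the list is an assumption standing in for a comparison against a clean download of the same WordPress version.

```python
import os
import re
import tempfile

# Pattern quoted in the comment above; whitespace between tokens is tolerated.
OBFUSCATED = re.compile(r"eval\s*\(\s*gzinflate\s*\(\s*base64_decode\s*\(", re.I)
# Assumption: a few well-known WordPress file names, not a complete list.
KNOWN_WP_FILES = {"wp-config.php", "wp-settings.php", "wp-load.php", "index.php"}

def scan(root):
    """Return sorted (relative path, line number, advice) for every match under root."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            # Read every file, not only *.php: injected code is not always in .php files.
            with open(path, encoding="utf-8", errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    if OBFUSCATED.search(line):
                        advice = ("remove injected line" if name in KNOWN_WP_FILES
                                  else "unknown file, review for deletion")
                        hits.append((os.path.relpath(path, root), lineno, advice))
    return sorted(hits)

def demo():
    """Build a constructed sample tree (payloads are placeholders) and scan it."""
    samples = {
        "wp-config.php": "<?php\neval (gzinflate(base64_decode('CONSTRUCTED')));\n"
                         "define('DB_NAME', 'wp');\n",
        os.path.join("wp-content", "cache.php"):
            "<?php EVAL(gzinflate( base64_decode('CONSTRUCTED')));\n",
        "wp-settings.php": "<?php // clean file\n",
    }
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "wp-content"))
        for rel, text in samples.items():
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(text)
        return scan(root)
```

Run scan against an offline copy of the site so that nothing is executed while it is inspected, and review each hit by hand before deleting or editing a file.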

  13. Posted November 21, 2011 at 9:57 am | Permalink

    This is one of the toughest infections to fix. If all the tools failed, you may try the methods mentioned in my article.

  14. Jason
    Posted April 26, 2012 at 1:24 am | Permalink

    Very helpful post Lorelle, Thank you so much. I have been searching for help on this subject as a client of mine, their website was hacked with a search engine redirect and it was re-directing all search engine traffic from google only to an x rated dating site which had a huge effect on their business and reputation. This seemed to be because of some wordpress plugin which was installed to help them but it ended up being really bad, thank you for the info it has been most helpful

    • Posted April 26, 2012 at 8:20 am | Permalink

      You are welcome. Redirect malware and other attacks often go unnoticed. They can be very tough to remove. Glad they were successful.

