Hackers are just determined. There are no new security flaws reported recently in WordPress, but that hasn’t stopped imaginative and determined hackers.
The recent security issues concern hackers who work with Google and other search engine results and redirect traffic from your blog or website. The searcher clicks on the link and is redirected to the hacker’s site with the same search string used in the search engine. Most bloggers notice a problem when their site traffic drops inexplicably and/or their ad income drops.
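Because only visitors arriving from a search engine are sent away, a blog owner loading the site directly sees nothing wrong. The following check is an added example, not code from this article or from WordPress: it requests a page twice, once directly and once claiming to come from a search results page, and compares the responses. It assumes the redirect keys on the HTTP `Referer` header; the URLs and function names are constructed for illustration.

```python
import http.client
from urllib.parse import urlsplit

# Constructed sample: a results-page URL of the kind a browser sends as Referer.
SEARCH_REFERER = "https://www.google.com/search?q=example+query"
REDIRECT_CODES = (301, 302, 303, 307, 308)

def fetch(url, referer=None, timeout=10):
    """GET url once, without following redirects; return (status, Location)."""
    parts = urlsplit(url)
    secure = parts.scheme == "https"
    conn_cls = http.client.HTTPSConnection if secure else http.client.HTTPConnection
    conn = conn_cls(parts.netloc, timeout=timeout)
    headers = {"User-Agent": "Mozilla/5.0"}
    if referer:
        headers["Referer"] = referer
    target = (parts.path or "/") + ("?" + parts.query if parts.query else "")
    try:
        conn.request("GET", target, headers=headers)
        response = conn.getresponse()
        return response.status, response.getheader("Location")
    finally:
        conn.close()

def site(hostname):
    """Treat example.com and www.example.com as the same site."""
    hostname = hostname.lower()
    return hostname[4:] if hostname.startswith("www.") else hostname

def off_site(url, location):
    """True when a Location header names a host other than the blog's own."""
    target = urlsplit(location).hostname
    return target is not None and site(target) != site(urlsplit(url).hostname)

def verdict(url, direct, from_search):
    """Compare a direct visit with one that claims to arrive from a search engine."""
    status, location = from_search
    if not (status in REDIRECT_CODES and location and off_site(url, location)):
        return "clean"
    if direct == from_search:
        return "unconditional-redirect"  # everyone is sent off-site, referrer or not
    return "search-referrer-redirect"    # only search visitors are sent away

def check(url):
    return verdict(url, fetch(url), fetch(url, SEARCH_REFERER))
```

A `clean` verdict only rules out redirects issued at the HTTP level; a redirect performed by script injected into the page body will not show up in the status line or `Location` header.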
This is not a WordPress-specific issue. Many non-WordPress blogs have been hit by this redirect technique over the years. WordPress blogs seem to be a new target, which is probably because there are so many and such a strong and vocal community to speak out against such abuse.
Donncha O’Caoimh has written Did Your WordPress Site Get Hacked? on how this works, how to detect the redirects, and offers tips on how to stop it.
Peter’s Useful Crap also published information to change the notifications on WordPress blogs on Linux to avoid being exploited and prevent future exploits by hackers.
This issue is discussed in the WordPress Support Forums in WordPress Hacked and Redirected … Again and My WordPress Blog Hacked with Redirect! and the following articles also include information on this new redirection hacking technique:
- My Digital Life – WordPress Hack: Recover and Fix Google and Search Engine or No Cookie Traffic Redirected to Illegal Sites
- Digital Point Forums – Same Google Serps, Huge Drop in Traffic
- Digital Point Forums – Hack 302-ing site to anyresults.net
- Digital Point Forums – WORDPRESS HACK – hacker redirect SE traffic to his site
- Magpie Brain – WordPress Site Hacked
- Shoemoney – WordPress Redirect h4x’s
- Tiffany Washko – Help for the anyresults.net Hack
- Jammer Six – WordPress Hacked, Search Engine Traffic Stolen by AnyResults.net
- WordPress AnyResults.net Hack – Search Engine Visits Redirecting to AnyResults.net
I covered a lot of issues on how to find out if your blog has been hacked in WordPress Security Prevention, Reactions, and Scares. Remember, the best protection from most hackers and security vulnerabilities is prevention. Update now.
If you have an issue with WordPress, report it in the WordPress Support Forums. If you discover a security issue, report it immediately via security@wordpress.org.
Related Articles on WordPress Security
- WordPress 2.5, Security Issues, Plugins Updated, WordPress vs WordPressMU
- Daily Blog Tips – Make Sure Your WordPress is Not Hacked
- Donncha – There’s Never Been A Better Time To Upgrade WordPress
- Blog Security – Interview of a WordPress Hacker
- Noupe – WordPress Security Tips and Hacks
- How to Access Banned WordPress.com Blogs
- WordPress Security Prevention, Reactions, and Scares
- Blog Struggles: Surviving Offline Downtime
- Blogs and Conspiracy Theories
- Protect Yourself Online With Common Sense
Copyright Lorelle VanFossen, the author of Blogging Tips, What Bloggers Won't Tell You About Blogging.
16 Comments
Thanks for these resources Lorelle, I read up on Donncha’s post about checking our blogs for traces of being hacked earlier today and I am still in the process of beefing up my security. I’m still left to wonder if those rss_#’s entries in my database are all evil though…
I think the WP Security Scan plugin in the repository is definitely useful, at least as a basic initial step.
This news, piled on top of all the other “WordPress hacked” announcements, doesn’t make me afraid, but it does seem like all of it could make the non-WP public afraid to use WordPress, regardless of the fact that it’s not a flaw in the code. Any stats on download rates?
@ Jonathan:
There is a Download Counter for WordPress, though it isn’t a statistical report. However, from what I hear, WordPress use is not only increasing dramatically, it is being embraced by corporations, educational institutions, and governments faster than ever before.
Security issues have been around since the beginning, even before the Internet. The time wasting evil doers, of which there are few, will continue to be the playground bullies online. Luckily, WordPress developers and fans are determined to fight back, which says a lot about WordPress. They don’t jump on suspicions but facts. With improvements in the new WordPress Administration Panels, they also now have a way to alert users of problems immediately, which accompanies their Email Alert Notification subscription.
If we pay more attention to the bad guys, who thrive on the attention, they win. There are tons of reasons to use WordPress and only a few reasons not to.
I haven’t seen anything on my site yet, but I’m keeping an eye on it. It would suck if that happened to me and I think I’d quit blogging because of it.
As I have read somewhere, good writers aren’t security experts. These recent developments in WordPress security bring additional worries to bloggers like me. Instead of focusing our efforts on writing good articles, our time is now divided between maintaining good traffic through good articles and keeping the bad guys out of our blogs.
I hope someone would create a WP plugin to detect anomalies in a WordPress installation.
@ Arthur:
There already are. See WordPress Security Prevention, Reactions, and Scares for details.
@Jenny: If you quit because your blog is hacked, they win.
Wow, that’s awesome! Almost 1.2 Million downloads for 2.5 alone. I remember when we hit that mark for WordPress as a whole, and now for just one version. Do you think that number counts Subversion checkouts, also?
I blogged about it here in Is Your WordPress Site Safe from Hackers?, and mention a great security plugin written by Cherie that will help troubleshoot the entrance point should the unthinkable happen to you.
@ Jonathan:
I just wish they didn’t restart the count with every new major version. I’d love to see the cumulative counts for all the different versions, starting as far back as they can. Wouldn’t that be slick!
Do you know about xat? Because I have seen that on some WordPress blogs but it doesn’t work on mine, like the Meebo thing.
Please tell me how to do it.
Well, finally I have found the solution. At least some keywords don’t show up Cialis no more.
You should go to webftp and find the files that contain Drugstore and eval (gzinflate(base64_decode(.
Delete the files if they are not WordPress files, and remove the virus line in WordPress files such as wp-config.php.
You could read the detail here.
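The file search described in the comment above, as an added example that is not part of the original comment or of any WordPress tool: it walks a downloaded copy of the site and reports the line numbers where the `eval (gzinflate(base64_decode(` chain or the spam keyword appears. The function names, the suffix list and the keyword pattern are assumptions for illustration; hits are leads for manual review, not proof of infection.

```python
import os
import re

# The nested call chain named in the comment, tolerant of spacing and case.
OBFUSCATED_EVAL = re.compile(rb"eval\s*\(\s*gzinflate\s*\(\s*base64_decode\s*\(", re.I)
# Spam keyword named in the comment; extend with terms seen in your own search results.
SPAM_KEYWORDS = re.compile(rb"drugstore", re.I)

def scan_file(path):
    """Return a list of (line_number, reason) hits for one file."""
    hits = []
    with open(path, "rb") as fh:
        for number, line in enumerate(fh, start=1):
            if OBFUSCATED_EVAL.search(line):
                hits.append((number, "obfuscated-eval"))
            if SPAM_KEYWORDS.search(line):
                hits.append((number, "spam-keyword"))
    return hits

def scan_tree(root, suffixes=(".php", ".js", ".html", ".htaccess")):
    """Walk a copy of the site; map relative path -> hits for files that have any."""
    report = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(suffixes):
                continue
            path = os.path.join(folder, name)
            hits = scan_file(path)
            if hits:
                report[os.path.relpath(path, root)] = hits
    return report

if __name__ == "__main__":
    import sys
    # Usage: python scan.py /path/to/site-copy
    for rel, hits in sorted(scan_tree(sys.argv[1]).items()):
        for number, reason in hits:
            print(f"{rel}:{number}: {reason}")
```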
There are a variety of pharmacy hacks. This article refers to ones in 2008. See this updated article for more information on these. Thanks.
This is one of the toughest infections to fix. If all the tools failed, you may try the methods mentioned in my article.
Very helpful post Lorelle, thank you so much. I have been searching for help on this subject as a client of mine, their website was hacked with a search engine redirect and it was redirecting all search engine traffic from Google only to an x-rated dating site, which had a huge effect on their business and reputation. This seemed to be because of some WordPress plugin which was installed to help them but it ended up being really bad. Thank you for the info, it has been most helpful.
You are welcome. Redirect malware and other attacks often go unnoticed. They can be very tough to remove. Glad they were successful.
17 Trackbacks/Pingbacks
[…] blogs for nefarious SEO practices) on blogs running the WordPress engine. It has become so common that even Arrington himself (eh, unfortunately it’s not him, it’s Nik Cubrilovic) from the heights of his […]
[…] WordPress Blogs and More Hacked by Google Redirects […]
[…] WordPress Blogs and More Hacked by Google Redirects « Lorelle on WordPress WordPress Blogs and More Hacked by Google Redirects « Lorelle on WordPress (tags: wordpress security) […]
[…] out for the latest WordPress hacks; they got the Worcester Republican blog, they could get you too. Mike’s pre-trial hearing is […]
[…] One of the more popular wordpress bloggers, Lorelle vanFossen, recently highlighted the issue once more on blog herald in her wordpress Wednesday news. But also on her own blog she gave attention to the matter on hacks by google redirects. […]
[…] an attack has appeared against WordPress-based blogs (like mine). The gist of it is that spam links appear in the […]
[…] by upgrading to the latest version. This time, it’s a non-WordPress issue, specifically a redirect technique, that’s affecting a lot of WordPress-powered […]
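[…] Since the release of WordPress 2.5, articles discussing WordPress security have appeared frequently on the WordPress development blog and forums: 1, 2. The hackers discussed there usually leave backdoor programs on the blog, or other hidden malicious links and the like. WordPress Exploit Scanner is designed to scan WordPress for these nasty things left behind by hackers. Of course, some hackers like to delete things, and then nothing can be done. […]
[…] feed or by Email. Thanks for visiting! WordPress blogs are starting to get hacked in greater numbers lately. The problem is getting serious enough that the WordPress podcast recently addressed out of date […]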
[…] all. Here’s some links that will explain all !! WordPress Blogs and More Hacked by Google Redirects Lorelle on WordPress Black Hat 2008: Google Gadgets insecurity – Hack a Day Google Trends hacked again – The […]