Best advice on WordPress spam injection evarrr

Thanks to Genkisan, I finally found one blog tutorial that makes sense to me. When I discovered that my site has been hacked silently, I searched and searched for some tutorials that aren’t written in Latin or Greek. Techies alway write in languages I cannot understand so they are like Latin to me.

I only knew my site was hacked because Matt of Google Development Team told me so when I lodged a form asking Google Adsense why I am seeing PSA (public service ads) on my Google Adsense. You see, we wouldn’t know our site has been filled with so many links as they don’t show on regular source codes. Only Google Bot sees these links.

The hacker apparently added a lot of jpgs files into my root server. When I login, I notice a lot of photos in my main root. My webmaster too wondered why I added them. Then, he notice a sinister looking plugin file as well. Thanks to my webhost who is also my webmaster, Bryan. Normally, I am pretty independent and do most of the WordPress upgrades and such myself. However, this hacking is serious business so I sought his help.

From the link given by Genkisan, I found this useful tutorial on ‘Did your WordPress site get hacked?

They’re also uploading PHP code disguised as jpeg files to your upload directory and adding those files to the activated plugins list. This makes it harder to find them, but not impossible:

1. Open PHPMyAdmin and go to your blog’s options table and find the active_plugins record.

Now, I think I have cleared the problem because my site is showing ads again.

Note that the blog that was hacked was already running on WP 2.5.1. That blog has good keywords for sex related stuffs so it was like a magnet for p0rn sites.

I had a few sites bookmarked when I was searching for solutions to this hacking. I am afraid that these lead to more confusions because I am not very familiar with tech terms. However, some of you may find them useful. Here they are :

View a website as Google Bot

WordPress exploit scanner 0.1

Worpress Spam Injection = Google Penalty

One more site hit by WordPress Spam Injection

WordPress support, question on hacking

Keep these links handy. You may be the next victim. Oh wait, maybe your WordPress blog is already infested with the MTF-ker spam injection. Good luck! The spam will kill your blog like cancer does, silently, painfully and by the time you find out, it is too late because you probably lost ads income, traffic and pageranks. OMG! Bwahaha.

Meanwhile, I have come out of this much wiser and smarter. I can almost talk Greek now!

Post Author: lilian

7 thoughts on “Best advice on WordPress spam injection evarrr


    (July 6, 2008 - 11:47 pm)

    Yes, you are very true. The spam injector is really good and will block the spam correctly and fully.
    Really nice, Thanks to inform other.


    (July 7, 2008 - 11:12 am)

    Hey, thanks for this info! It’s really helpful. I’ll keep this bookmarked for future use.

    […] spammers secretly injected into my blog with the WordPress spam injection technique. I explained how I clear the WordPress Spam Injection on my […]

    Noorizam Shah

    (July 7, 2008 - 10:24 pm)

    thanks for the info mum! muahs!

    The Unforgiven

    (July 11, 2008 - 3:34 am)

    Hi Lilian,

    How did you contact Google regarding your hack experience? Can you share the email link? I think one of my WP sites may have been hacked too!

    This new form of hacking is very subtle…ughh, I feel like clobbering these hackers. Most of the time, hackers are from East Europe, and Turkey…(the famous hacker/spammer regions). It is no wonder these folks will never get approved by Paypal or others….

    […] I would like to thanks Jeremy from Moolahking because pointing the problem that occur on taszara. I also notice that that strange and weird thing happen lately. The Google Adsense showing the Public Service Ads (Ads) and also showing sex related ads. I have visit who also being hacked. The hacker inject a wordpress spam inside the database. More information about the WordPress Spam Injection […]

    Bookmarks about Plugins

    (August 1, 2008 - 7:30 pm)

    […] – bookmarked by 4 members originally found by daags on July 16, 2008 Best advice on WordPress spam injection evarrr – bookmarked by 4 members […]

Comments are closed.