Thanks to Genkisan, I finally found one blog tutorial that makes sense to me. When I discovered that my site has been hacked silently, I searched and searched for some tutorials that aren’t written in Latin or Greek. Techies alway write in languages I cannot understand so they are like Latin to me.

I only knew my site was hacked because Matt of Google Development Team told me so when I lodged a form asking Google Adsense why I am seeing PSA (public service ads) on my Google Adsense. You see, we wouldn’t know our site has been filled with so many links as they don’t show on regular source codes. Only Google Bot sees these links.

The hacker apparently added a lot of jpgs files into my root server. When I login, I notice a lot of photos in my main root. My webmaster too wondered why I added them. Then, he notice a sinister looking plugin file as well. Thanks to my webhost who is also my webmaster, Bryan. Normally, I am pretty independent and do most of the WordPress upgrades and such myself. However, this hacking is serious business so I sought his help.

From the link given by Genkisan, I found this useful tutorial on ‘Did your WordPress site get hacked?

They’re also uploading PHP code disguised as jpeg files to your upload directory and adding those files to the activated plugins list. This makes it harder to find them, but not impossible:

1. Open PHPMyAdmin and go to your blog’s options table and find the active_plugins record.

Now, I think I have cleared the problem because my site is showing ads again.

Note that the blog that was hacked was already running on WP 2.5.1. That blog has good keywords for sex related stuffs so it was like a magnet for p0rn sites.

I had a few sites bookmarked when I was searching for solutions to this hacking. I am afraid that these lead to more confusions because I am not very familiar with tech terms. However, some of you may find them useful. Here they are :

View a website as Google Bot

WordPress exploit scanner 0.1

Worpress Spam Injection = Google Penalty

One more site hit by WordPress Spam Injection

WordPress support, question on hacking

Keep these links handy. You may be the next victim. Oh wait, maybe your WordPress blog is already infested with the MTF-ker spam injection. Good luck! The spam will kill your blog like cancer does, silently, painfully and by the time you find out, it is too late because you probably lost ads income, traffic and pageranks. OMG! Bwahaha.

Meanwhile, I have come out of this much wiser and smarter. I can almost talk Greek now!

Related posts brought to you by Yet Another Related Posts Plugin.