Why WordPress users should know about WordPress Spam Injection

If you are using WordPress, you should know about wordpress spam injection. Otherwise, your blog may be hit and yet, you are not aware of them.

So, whose blogs are most likely to get hit?

1) Blog with high pagerank
2) Blog with good keywords
3) Blog with good traffic

How do we know?

We won’t know because it is not easy for us regular users to trace it. You cannot see the spam links inserted by viewing source codes. For us who are not experts, we won’t even know where to start searching. I read a few posts and still do not understand the workaround it.

What are the signs?

1) You are suddenly getting PSA ads on the main page.
2) Your traffic dropped
3) And if left unattended, you will lose your pagerank and get some good keywords de-indexed

Who are behind these?

Blackhat SEO who uses dirty tactics to inject their spammy links into your blog without your knowledge.

I saw PSA ads on my personal blog and wrote to Google Adsense. Here’s the reply I received :

Thanks for your email. I understand you are concerned about the fact that
public service ads are appearing on your site. Our specialists
investigated and found that pornographic links and links related to
prescription drug offers have been injected into the bottom of your pages.
These links are only visible to web crawlers so you may not see them if
you view the source of your pages. Because our system does not return ads
to pages detected to have adult content, relevant paid ads will not appear
until the links are removed. These links may have been placed on your site
without your knowledge in an attempt to boost other sites’ search engine
rank.

We’d recommend that you contact your webmaster to fix any site
vulnerabilities which may have allowed the links to be placed on your
site. For more information about security for webmasters, see
http://googlewebmastercentral.blogspot.com/2007/09/quick-security-checklist-for-webmasters.html.
You may also with to perform a search for results related to “wordpress
spam injection” for more information about the issue.

Once the links have been successfully removed, paid ads or more relevant
ads should start appearing again within a week.

Cheers,

Matt
The Google AdSense Team

How to prevent it?

Hopefully, you have someone who is an expert who can trace where they had inserted the codes. Remember that these people who inserted the codes are really expert and they can breach WordPress security to get into our folders.

Also, let’s hope WordPress patch up this real fast. I have a list of some useful sites which I have bookmarked. But let me solve my problems on wordpress spam injection first and see which links’ recommendation works.

Post Author: lilian

9 thoughts on “Why WordPress users should know about WordPress Spam Injection

    Klaw

    (July 2, 2008 - 6:51 pm)

    Is this happening to the recent 2.5 version wordpress blogs, or just 2.3? Seems like just 2.3 right?

    Anyway, one way to find javascript injected code is to use the Firebug extension in Firefox, but not sure if it is possible for this case.

    Online DIY Guy

    (July 2, 2008 - 10:22 pm)

    Hopefully it won’t affect to WP version 2.5. I believed the newer version is always more secure than the previous old version. As in the normal software practice, developer will always patch up all vulnerabilities that made known to them.

    Perhaps someone who have done the research or have more experience could share….:)

    lilian

    (July 2, 2008 - 10:55 pm)

    DIY – My blog is 2.5.1. These are very expert black hat SEOs who really know their job well. I had read up a lot and unfortunately, we can’t know our site has been injected with the spam links unless we keep very close watch. Some bigger sites had their pageranks penalised too.

    klaw – All my blogs are usually upgraded the very same day the newest version is out. Now, WP 2.6 Beta 2 is available liao. They inserted the codes in some folders and not the theme files.

    Klaw

    (July 3, 2008 - 12:30 am)

    Anyway, just managed to compare all my WordPress files and also the original files for WordPress 2.5.1, and luckily didn’t find anything different in those 500+ files.

    If you want to check if any of your hosted files kena inject, you can download it all to your local PC, then use a tool like WinMerge to check them.

    Good luck!

    Genkisan

    (July 3, 2008 - 8:37 am)

    Try this plugin for a start ;)
    http://ocaoimh.ie/exploit-scanner/

    lilian

    (July 3, 2008 - 10:56 am)

    Genkisan – That’s one useful links I did indeed find a lot of jpg files in my main root and wp-admin. Thanks a lot for the lead.

    klaw – Do look at the link given by Genkisan, and there is another related post talking about extra files inserted into our server. I did find many jpg there and yesterday, I deleted them cos all the jpg files are my flickr photos. I didn’t see if there are any php files hidden as jpg cos I batch deleted already.

    lankapo

    (July 3, 2008 - 5:33 pm)

    I just installed the plugin, mm and found nothing extra files in my server..

    maybe I am not popular like lilian hehe

    […] only knew my site was hacked because Matt of Google Development Team told me so when I lodged a form asking Google Adsense why I am seeing PSA (public service ads) on my Google […]

    […] I guess I had cleared up the mess the MTF-ker spammers secretly injected into my blog with the WordPress spam injection technique. I explained how I clear the WordPress Spam Injection on my […]

Comments are closed.