
URGENT: This Facebook Like Box Widget plugin has been HACKED!

Discussion in 'Black Hat SEO' started by TrevorB, Sep 23, 2012.

  1. TrevorB

    If this is not in the right section of the forum, please move it.

    I need to get this out to all members ASAP and could not find
    the best section for it.

    I already posted this on the WordPress forum; hope someone will
    see this there real soon.

    Just noticed this today, there is a link being added to my site and
    ALL sites that I Googled using this Facebook Like Box Widget plugin.


    Not sure how this jerk is doing this or how long it has been
    happening, but I urge the developers to look into this, and all
    who read this and are using this plugin on their site to remove it
    ASAP until this is fixed.


    Here is the HTML output from this plugin with the hidden link:


    Code:
    <div style="height: 0px; width: 0px;"><a href="http://www.burkina-faso.biz/" title="PME/PMI, entreprise, &eacute;conomie, Emploi et petites annonces Burkina Faso">PME/PMI, entreprise, &eacute;conomie, Emploi et petites annonces Burkina Faso</a></div>
    
    I made a quick search on Google for this text:


    PME/PMI, entreprise, économie, Emploi et petites annonces Burkina Faso


    And found: About 29,600 results (0.51 seconds)
     
  3. carnage_100101

    If I had to guess, I would say you're running a vulnerable version of WordPress, or whoever is doing this has a 0-day exploit for WordPress or whatever plugin you're using. Make sure everything is updated.
     
  4. TrevorB

    Yes, I have everything updated on my WordPress site.

    Are you using this plugin on your blog?
     
  5. richcamp

    I'm not using this plugin, since all you need to get the same functionality is just a couple of lines on the sidebar. Have a look here: http://developers.facebook.com/docs/plugins/

    I'll let you know if my site also got this hack.
     
  6. TrevorB

    I figured it out.

    It was the developer I think that is doing this.

    There was an update for this plugin yesterday I think so I updated it.
    Never noticed the link on my site till today though.

    I just finished going through this plugin's code for the third time,
    looking a little closer at everything this time around, and saw
    that it is the plugin itself adding this backlink to all the websites
    that are using it.

    So if you are using this plugin:

    Code:
    http://wordpress.org/extend/plugins/facebook-like-box-widget/
    I would go through the plugin's code and remove the backlink that
    they are putting on your site.

    Sorry about the false hack alarm I made.
     
  7. puneetas3

    Just a heads up for the user and everyone else who downloads cracked plugins or themes: check them with Windows grep to find any unusual URL embedded in the code.
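
A checker for the kind of markup quoted in the first post, as an added example that is not part of the thread or of the plugin's code: it parses rendered HTML and reports off-site links nested inside an element whose inline style hides it. The function and class names, `example.com` as the site's own host, and the sample page are assumptions; only inline `style` attributes are inspected, not stylesheet rules.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline-style declarations that make an element invisible (zero size or hidden).
HIDING = re.compile(
    r"(?:^|;)\s*(?:(?:height|width|font-size)\s*:\s*0(?:px|em|%|pt)?"
    r"|display\s*:\s*none|visibility\s*:\s*hidden)\s*(?:;|$)", re.I)
VOID = {"br", "img", "hr", "input", "meta", "link", "wbr"}  # never closed

class HiddenLinkFinder(HTMLParser):
    """Collect off-site <a href> targets nested in an invisible element."""
    def __init__(self, own_host):
        super().__init__()
        self.own_host = own_host.lower()
        self.stack = []      # (tag, tag of hiding ancestor or None) per open element
        self.findings = []   # (href, tag of the element that hides it)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        inherited = self.stack[-1][1] if self.stack else None
        own = tag if HIDING.search(attrs.get("style") or "") else None
        hider = inherited or own
        if tag == "a" and hider:
            host = (urlparse(attrs.get("href") or "").hostname or "").lower()
            if host and host != self.own_host:
                self.findings.append((attrs["href"], hider))
        if tag not in VOID:
            self.stack.append((tag, hider))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerate unclosed elements.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

def find_hidden_links(html, own_host):
    finder = HiddenLinkFinder(own_host)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page: a visible off-site link, a hidden same-site link,
# and the zero-size wrapper with the link quoted in the first post.
SAMPLE = """<aside><a href="http://developers.facebook.com/docs/plugins/">docs</a>
<div style="display:none"><a href="http://example.com/menu">menu</a></div>
<div style="height: 0px; width: 0px;"><a href="http://www.burkina-faso.biz/">PME/PMI</a></div>
</aside>"""
print(find_hidden_links(SAMPLE, "example.com"))
```

Run it against the HTML a page actually serves after each plugin update; a new finding means some component has started emitting links visitors cannot see.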