1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

What is this Wordpress hack?

Discussion in 'Black Hat SEO' started by counselor_X, Feb 11, 2016.

  1. counselor_X

    counselor_X Regular Member

    Joined:
    Mar 21, 2011
    Messages:
    251
    Likes Received:
    50
    Hey everyone,

    So I have shared hosting which has about 5 Wordpress sites on it. Recently they were all hacked. I was alerted because I got an email from Google letting me know that there was a dramatic increase in 404 Not Found crawl errors. I inspected my sites and realized that at the end of every page and every post, there was a link with a period (.) as the anchor text. Each link pointed to a non-existent page on my own website and the non-existent page is spam keywords like rogaine, cialis, etc. One example is mywebsite.com/org-buy-rogaine-online-nz-guide. I *think* I have the vulnerability fixed on my websites by making sure WP was updated, deleting any old WP sites, running Wordfence virus scan, removing suspicious files, and then manually removing the spam link on every page and post.

    So, my question is - Does anyone know what the hell the point of this hack is? I didn't find a single link that actually pointed to another website. They're all just non-existent pages on my domain with spam words.
     
  2. counselor_X

    counselor_X Regular Member

    Joined:
    Mar 21, 2011
    Messages:
    251
    Likes Received:
    50
    And one more tidbit of info... These non-existent URL's are actually showing up in the SERPs. All of them go to my 404 Error page, but if I look at the cached version of a couple of them, they actually do display an existing page on my site with a bunch of spam text added to it.