[wp-hackers] Porn links in google cache
Justin W Hall
justin at justinwhall.com
Fri Jul 15 16:11:27 UTC 2011
Got a chance to scan the infected site. Found many of the usual Pharma
suspects base64_decode functions, base64-min.js files, eval etc...
Looks as though they live mostly in plugin folders child function files.
Haven't scanned the database yet. Ugh.
On Jul 15, 2011, at 3:07 AM, Chris Taylor - stillbreathing.co.uk wrote:
> Hi Justin,
> I got hacked with this last year. It's a nasty one, but (touch wood)
> my site seems OK at the moment). I wrote a short article about it with
> some useful links:
> Hope you get it sorted.
> On Thu, Jul 14, 2011 at 4:20 PM, Justin W Hall
> <justin at justinwhall.com> wrote:
>> Hey folks-
>> It's been brought to my attention that when a site a recently
>> worked in is viewed via google cache, there is a whole list of
>> mostly porn related links that have been added to the bottom of the
>> pages that obviously do not exist on the page. My questions:
>> 1) how does this happen? Host related malware?
>> 2) what us the best way to go about fixing this.?
More information about the wp-hackers