Is your WordPress Installation Compromised? Al Gore’s is.
12. Nov 2007 | 40 Comments
Quite often I like to take a quick look at the SERPs for buy viagra, buy cialis, buy xanax & buy phentermine. To some of you this may seem quite strange, almost like I have a crazy drug addiction. But there’s a good reason why.
I’m sure these particular products ring a few bells; no doubt you’ve seen Akismet or Spam Karma wipe out comments promoting them. People promote them because there are huge profits involved. I’m not really worried about the profits, though; I’m more worried about the techniques these spammers are using to promote their hosted pages to the top spots.
It’s impossible for someone to manipulate the SERPs like we see above with a brand new domain.
Let’s take the Buy Xanax SERPs, for instance: you’ll notice a few forums & a few .edu sites ranking up there, with anywhere up to 1,000 links pointing to that one page (the sources of which I’ll cover in a minute).
It’s all but impossible to buy a new domain, point this many links at it and then expect it to rank. You’ll get slammed into the sandbox… fast. So aged domains that carry weight are used instead. Google will somehow tolerate the mass of links with the same anchor text if the domain already has a significant amount of trust or authority.
Anyway, back to the original story. I noticed that many of these authority domains had backlinks from many high-profile WordPress blogs.
Let’s look, for example, at Al Gore’s Climate Crisis Blog: you can see that it’s linking to the .edu page about xanax. Now let’s have a look at the source code:

You can see, nicely concealed in a hidden div tag in the footer, about 50 links (on every page) to various other drug-related hosted pages.
Doing a bit more digging reveals that there are thousands of high-profile blogs using WordPress that are compromised too. Most of the domains are PR5+.
So I suggest that you take a close look at your WordPress installation, especially the footer, in case this has happened to you. I highly doubt that many of the people who have been hacked are aware that they are linking to potentially damaging websites.
40 Comments on "Is your WordPress Installation Compromised? Al Gore’s is."
Razvan
13. Nov 2007, 2:36 am
That’s a nasty old trick. I’ve spotted it in a few themes
5starAffiliatePrograms
13. Nov 2007, 4:16 am
Call me naive, but I didn’t even know this was possible. Yikes! Thanks for the heads up. Just checked and my blog is clean, but I seldom look at my own source code, so now I’ll know to check it.
Thanks, Linda
mutt
13. Nov 2007, 10:34 am
great post!
why is it that you can learn more from what not to do than what to do sometimes?
how do you prevent from being hacked like that?
VitaminCM
13. Nov 2007, 1:32 pm
Insert Al Gore invented the internet joke here…
George
14. Nov 2007, 9:08 am
old news
Brandon - Call Center Consultant
17. Nov 2007, 7:32 am
I doubt many of your readers (except Linda, who should know better!) ignore their code long enough to miss something like this.
Living Off Dividends
22. Nov 2007, 1:59 pm
serves him right for inventing the damn thing
Ernie Oporto
28. Nov 2007, 10:15 pm
So had WordPress been patched against whatever hack they’re using?
Sean O
29. Nov 2007, 7:25 am
Obviously, Mr. Gore did not spend enough time checking the security settings of his Wordpress blog. Not surprising since he didn’t spend enough time checking the facts for his movie.
Rich
29. Nov 2007, 1:02 pm
It’s unfortunate that PC World is at 710 Diggs and you are sitting at 9 Diggs as the original author – or at least according to the post on their site. At least you got the first post with a link back.
fastrealestate
29. Nov 2007, 9:34 pm
I have one blog that gets hacked every single day, I have to keep overwriting the files to sort it out – My host is not able to sort it out to date. I think they have security holes. I’ve upgraded to the latest version of WP. Not sure what to do next.
Extraordinary
30. Nov 2007, 5:50 am
Try switching providers or withholding payment ’til they explain why it’s happening?
drmike
30. Nov 2007, 9:59 am
It’s been commented elsewhere (I won’t give the idiot a link since he didn’t do the same to you) that the site in question is still running wp 2.0.4 which is very much out of date. At least a year.
anon
04. Dec 2007, 5:32 am
LoL looks like his footer’s been hacked again.
I’m not gonna paste it all here, but there’s the div tag again. If you wanna see for yourself check the source, now it’s pointing to howardowens dot com.
_-GORO-_
04. Dec 2007, 12:47 pm
People who post comments on PC World know nothing about SEO. Neither know how to protect sites. All they can do is talk but once it comes to real protection – they are useless. Bottomeaters.
Jess
21. Jan 2008, 1:06 pm
Got bit by this one myself, but it’s actually not the theme files that are compromised; it’s the index.php file in the main directory of your Wordpress install that’s compromised. That may be more of a server security issue than a Wordpress issue.
nishu
15. Feb 2008, 10:22 pm
check not only for div tags
but also for links which merge with the background, which are embedded in noscript or have invisible image links.
Brandon
04. Jun 2008, 2:17 pm
wow, that bites!
ramesh
24. Jun 2008, 2:40 am
I really suffered a lot. A couple of my high-ranking blogs were hacked with spammy footer links. When I noticed the links, the first portion of the URLs showed some legitimate sites, but these links go to 404 pages of the sites, and the links have irrelevant anchor text. I think the main idea of the hacking is to disturb the trust of the site and the SERPs of the blog. I am using the paid version of the Semiologic theme, but I still couldn’t find how to protect my sites.
Ranked Hard
03. Jul 2008, 6:29 am
Here is a nice security scan plugin for Wordpress:
Finechinagirl
03. Sep 2008, 8:17 am
Apparently my site was hacked. Similar code, not sure if it was the same but basically the same. There was a hidden viagra ad near the footer. I had to restore all files to make sure none of the malicious code was there.
Roba Al-Assi
05. Oct 2008, 8:24 pm
I have that problem, but it also made all my FTP files unwritable, so I can’t remove the code, or clean it up, or even update my wordpress installation. Is there a way to make them writable again?
Hey Rich, thanks for the comment. I’m not too worried about the story being Dugg, I’m more annoyed that the story has now gone mainstream & these bigger blogs are getting the credit for plagiarism (with some “expert opinions” thrown in).