Tony of DJI talks about an unexpected outcome from TailRank’s River, a blog monitoring service. A large number of blogs turned out to have been hacked to promote spammy content and affiliate links.
Hidden content injected in the blog templates with links to each other in order to push the rankings in the SERPs. Blog monitoring services like TailRank, which tracks interlinking content, obviously showed those spammy content.
I’ve seen and have had experience with such types of blog hacking:
What’s surprising is that most of the hacks that I encountered were deployed by Filipinos too. Here are some snippets of their codes:
if ($epwd ne $npwd) {
$msg = “<br /><h1>Mukha Mo!</h1>
“;
}print header( -COOKIE=>$cid ), start_html(“BUTAS”);
Either they coded the hack themselves or got the script somewhere else and modified it to their own liking. It was obvious because some of the coding (commands and variables) used in the script are in Tagalog.
Tony adds some advise on how to prevent this. I’ve written an more general blog post about security and contingency plans here as well.
YugaTech.com is the largest and longest-running technology site in the Philippines. Originally established in October 2002, the site was transformed into a full-fledged technology platform in 2005.
How to transfer, withdraw money from PayPal to GCash
Prices of Starlink satellite in the Philippines
Install Google GBox to Huawei smartphones
Pag-IBIG MP2 online application
How to check PhilHealth contributions online
How to find your SIM card serial number
Globe, PLDT, Converge, Sky: Unli fiber internet plans compared
10 biggest games in the Google Play Store
LTO periodic medical exam for 10-year licenses
Netflix codes to unlock hidden TV shows, movies
Apple, Asus, Cherry Mobile, Huawei, LG, Nokia, Oppo, Samsung, Sony, Vivo, Xiaomi, Lenovo, Infinix Mobile, Pocophone, Honor, iPhone, OnePlus, Tecno, Realme, HTC, Gionee, Kata, IQ00, Redmi, Razer, CloudFone, Motorola, Panasonic, TCL, Wiko
Best Android smartphones between PHP 20,000 - 25,000
Smartphones under PHP 10,000 in the Philippines
Smartphones under PHP 12K Philippines
Best smartphones for kids under PHP 7,000
Smartphones under PHP 15,000 in the Philippines
Best Android smartphones between PHP 15,000 - 20,000
Smartphones under PHP 20,000 in the Philippines
Most affordable 5G phones in the Philippines under PHP 20K
5G smartphones in the Philippines under PHP 16K
Smartphone pricelist Philippines 2024
Smartphone pricelist Philippines 2023
Smartphone pricelist Philippines 2022
Smartphone pricelist Philippines 2021
Smartphone pricelist Philippines 2020
Jeffrey says:
That’s why i no longer use free themes. But when i do use free ones, i just modify the WordPress default theme.
Dexter says:
I was a victim of this one too.. The answer should be constant back up..
Janina says:
I hoff my blog wont be hack by this hackers. I dont how would i peel ip my site is hacks!
Visit my site fleasee:
http://www.janinablog.com
BrianB says:
Yep this happened to pmptoday around december and for the entire january. A porn site hacked us and we hardly noticed until we saw a dramatc decline in traffic.
BrianB says:
Just noticed Janina. Think about this guys. If it was celine lopez he’s spoofing, he would get his ass sued.
SELaplana says:
I recently discovered that my footer was modified and inserted a code that insert unknown image. I don’t know if it was done remotely or just automatically inserted by a worm or trojan or whatever when editing it using the CPANEL or theme Edit function of wordpress
FruityOaty says:
I was recently hacked too (index.php file) and iframes were injected in my posts. It resulted in my site getting banned from Google Search results (distributing spyware). All Google results pertaining to my site were slapped with this warning: “This site may be harmful to your computer.” As a result, traffic from Google trickled to ZILCH. My Adsense dropped too.
It was hell fixing the issue. After the fix, I had to request that Google re-assess my site. It was given a clean bill of health just a couple of weeks ago.
I wanted to write about the incident, but I was afraid of attracting the hacker’s attention again.
Since then, I toughened up my site’s security… well, to the best of my knowledge. (It’s a bit technical for some people, this topic.)
I really recommend this site: http://blogsecurity.net/
Got a lot of useful tips & tools (plugins) on how to secure WordPress a bit more.
FruityOaty says:
Oh, P.S.
Try this plugin called WP Security Scan:
http://wordpress.org/extend/plugins/wp-security-scan/#post-4986
Scans your WordPress installation for security vulnerabilities and suggests corrective actions.
-passwords
-file permissions
-database security
-version hiding
-WordPress admin protection/security
Maki says:
How do you check if a blog is hacked?
Eugene says:
Hmmm… I guess it’s an advantage that I’m not running on WordPress, Movable Type, or other popular blog CMSs.
Abe Olandres says:
Yes, the advantage of not using a popular blog CMS.
Showbiz Intriga? Get It From Boy! says:
Congrats Yuga, great post! and i’m sure tons of revenue, lol..why? this blogpost is in the WordPress Admin Page!!just imagine the traffic!
Wangbu says:
It is sad but true that humans, Filipinos or otherwise, always have double edge capabilities: one side for creation, another side for destruction.
I just would like to ask is there any international protocol governing hacks? Or any institution regulating internet activity?
Ro says:
It’s not really hacking — it’s just programming. They create programming code and stick in templates you use for free.
It’s totally evil and it sucks though, you’re right. Just check your code out before your use it — any of it.
Ensio says:
I just downloaded a couple of free wp themes from http://www.wpthemesfree.com/. The zips are strange, especially those with funny German addresses seen on prewiev. IZArc hangs badly when unzipping footer.php. I havent installed those themes, though, and never will.