PSA: Widespread WordPress Hack, Steals Search Engine Traffic
Sorry for wandering off topic, but…
This is just a quick public service announcement to anyone out there that runs a WordPress-based website. There is a pretty nasty hack going around right now that hijacks your search traffic. In fact, FiveCentNickel was compromised on Thursday, though this has since been resolved without any lasting damage.
I posted to Twitter about this while it was happening, and have also written up details here (with a followup and links here).
If you run a WordPress-based site, do the following:
» Clear your cookies (the hack uses cookies to hide itself)
» Run a Google search for your site
» Click through a related result
If you wind up at your own site, good for you. But if you get redirected to (or through) anyresults.net, then you’ve been hacked. Depending on your browser, the responsible cookies seem to be somewhat sticky, so you might want to run through the above steps a few times to be sure you’re okay.
I have spot-checked a number of sites myself and have found a number that have been compromised.




Oh, thanks so much for the info!
That explains so much. I’ve been busy doing research all over the web today, and I’ve encountered a few blogs that hung, and in the bottom of my FF page it said it was trying to connect to anyresults.net, but it was just hanging.
Comment by Cindy — Jun 8th 2008 @ 2:05 amSometimes I don’t know whether to applaud these tricksters for their diabolicalness, or to curse them for their criminal acts. Maybe a little bit of both.
I know what you mean about the Wordpress upgrades being buggy though…
Comment by Money Blue Book — Jun 8th 2008 @ 2:26 amThanks for your help tonight, Nickel. You can find the results of my work here:
http://www.getrichslowly.org/b.....snet-hack/
Now I’m going to bed.
Comment by J.D. — Jun 8th 2008 @ 5:31 amThanks for the heads up. I just checked my blog and it’s okay, but I’ll be checking it regularly from now on.
Cheers,
Penelope
BTW JD’s guide at Get Rich Slowly for if/when your site is hacked is great.
Comment by Penelope @ Our Fourpence Worth — Jun 8th 2008 @ 6:15 amYikes! The hack is kinda smart, though — if you got a cookie, you get your site, nice!
Looks like my sites are ok too.
Comment by payoff125k — Jun 8th 2008 @ 7:36 pm