This is a sneaky little WordPress hack that replaces your page title with an ad for pharmaceutical products. The best part (and the reason you may not see it right away) is that you don’t see it on your site, the new page titles only appear in search engine results.
If you discover that you’re a victim, the first thing you should do – and this is good practice for any security issues in WP – is backup your database and change all your passwords. After that you should start going through you files manually. Usually staring with the plugins folder. This article was very helpful when I was trying to find the injected code for a client of mine.
In my situation, I was able to enlist the help of the web host who was able to not only find the file that was updated but they were also able to source the database entry that is also part of the hack.
After you get rid of the code and database entry you should be OK. The worst part is that it may take a few weeks for the search engines to show your site in the results properly.
During that time, really take a look at how secure your WP install is. This article was very helpful for me and after using some of the tips there. The client was not hacked again. I can’t say that this was the reason, but I’m sure it helped.
Leave a Reply