Hacked WordPress Blog Cleanup
Your WordPress blog can be hacked due to an outdated WordPress installation, outdated plugins, or compromised FTP credentials. When a WordPress blog is hacked, the hack is used to insert malicious code that performs one or more harmful activities. Hacks can have a serious impact on the traffic that the blog receives. A hack that distributes malware can cause your blog to be blocked from visitors and a hack that inserts spam can cause the blog's search rankings to drop or cause the blog to be removed from Google's search engine. If your WordPress blog has been hacked we can clean it up for you and work with you to secure it against a future hack. Hiring us will ultimately save you time and money over doing it yourself or hiring someone who doesn't know what they really should be doing (which seems to be pretty common based on the number of times we are brought in to clean up after a hack has returned).
Please feel free to contact us to receive a free consultation on how to best deal with your hacking issue. If you are not sure if your blog is hacked, we can perform a free check to confirm for you if your blog is in fact hacked.
Some of the most prevalent activities preformed by the malicious code are inserting hidden spam links in the blog's header or footer, creating spam pages, redirecting visitors to another website (check if a web page is redirecting when accessed from Google), and attempting to install malware on the computers of visitors to the blog. Currently there have many attacks due a vulnerability in older versions of the TimThumb software.
When the hack inserts hidden spam links or creates spam pages, your search rankings can drop significantly and Google may remove it from their search engine's index if they detect hidden text, cloaking (check if a web page is cloaked to Googlebot), or other violations of their quality guidelines. Google may also place a "This site may be compromised." warning on the blog's search results. If Google has removed the blog they will place a "Notice of Suspected Hacking" message in their Webmaster Tools indicating that this has been done. When the hack inserts code that attempts to infect the computers of visitors to the blog with a virus, trojan horse, drive-by download, or other type of malware (malicious software), not only could your visitor's computers become infected but your blog may also be blocked from visitors. The blog may be flagged and blocked by the Internet Explorer ("This website has been reported as unsafe"), Firefox ("Reported Attack Site!"), Safari ("Warning: Visiting this site may harm your computer"), Chrome ("Warning: Something's Not Right Here!"), and Opera ("Fraud Warning") web browsers. It may also be flagged and blocked in the Google ("This site may harm your computer.", "This site may harm your device."), Yahoo ("Warning: Hacking Risks"), and or Bing search engines as well as Google's AdWords advertising service and Twitter ("unsafe link"). The hacker can also place a backdoor script that allows them remote access to the blog to make future changes to it.
The hacks can be hidden in a variety of places and might only be active when the blog is visited in a particular way. The hacks may be located in WordPress files, plugins, templates, or the database. The most common form of malware infection places an iframe or JavaScript code into the blog's pages. When the code inserts hidden spam links, these links may only be in the page if the request comes from a crawler for a search engine. When the code redirects a visitor or attempts to infect a visitor's computer with malware, the attempt may only occur if a visitor comes to the blog through Google or another search engine. When coming to the blog directly, it will appear to be normal.
To clean up the blog, we will review the blog's files and database for code inserted during the hack and remove that code. Checking and cleaning the blog's files takes a few hours. If the blog is running on an old version of WordPress, the current version is 3.3.1 (check what version you are currently running), we will upgrade the blog to the latest version of WordPress following proper upgrade procedures. Also, if any plugins are out of date we will update them. We will also work with you to secure the blog against a future hack. If your blog has been removed from the Google search engine we will assist you in filing a reconsideration request. If your blog was distributing malware and has been flagged and blocked, we will request a malware review from Google, Yahoo, and or Bing to have the warning removed. It should take no more than a day to be removed from Google's malware blacklist after a review has been requested.
To support the continued security of WordPress we have created a security vulnerability bug bounty program for WordPress.
Price:
US$250 for a WordPress blog and US$300 for a WordPress MU (WordPress with Multisite) installation. Payment is due after the blog has been cleaned up and we accept payment by credit card, debit card, or eCheck through PayPal in a number of currencies.