Sorry for wandering off topic, but…
This is just a quick public service announcement to anyone out there that runs a WordPress-based website. There is a pretty nasty hack going around right now that hijacks your search traffic. In fact, FiveCentNickel was compromised on Thursday, though this has since been resolved without any lasting damage.
I posted to Twitter about this while it was happening, and have also written up details here (with a followup and links here).
If you run a WordPress-based site, do the following:
Â» Run a Google search for your site
Â» Click through a related result
If you wind up at your own site, good for you. But if you get redirected to (or through) anyresults.net, then you’ve been hacked. Depending on your browser, the responsible cookies seem to be somewhat sticky, so you might want to run through the above steps a few times to be sure you’re okay.
I have spot-checked a number of sites myself and have found a number that have been compromised.
4 Responses to “PSA: Widespread WordPress Hack, Steals Search Engine Traffic”
Yikes! The hack is kinda smart, though — if you got a cookie, you get your site, nice!
Looks like my sites are ok too.
Thanks for the heads up. I just checked my blog and it’s okay, but I’ll be checking it regularly from now on.
BTW JD’s guide at Get Rich Slowly for if/when your site is hacked is great.
Thanks for your help tonight, Nickel. You can find the results of my work here:
Now I’m going to bed.
Oh, thanks so much for the info!
That explains so much. I’ve been busy doing research all over the web today, and I’ve encountered a few blogs that hung, and in the bottom of my FF page it said it was trying to connect to anyresults.net, but it was just hanging.