Tony of DJI talks about an unexpected outcome from TailRank’s River, a blog monitoring service. A large number of blogs turned out to have been hacked to promote spammy content and affiliate links.
Hidden content injected in the blog templates with links to each other in order to push the rankings in the SERPs. Blog monitoring services like TailRank, which tracks interlinking content, obviously showed those spammy content.
I’ve seen and have had experience with such types of blog hacking:
- Modifying “header.php” or “footer.php” and inserting links to spammy sites. These text links are enclosed in DIV tags so they can be positioned way off of the screen.
- Popular and free themes are modified and inserted with obfuscated PHP scripts to be injected remotely. The themes are then repackaged and re-distributed to the public. These scripts can then be manipulated later to inject spammy content and text links to any targeted sites. Much like a zombie blog.
- Uploading CGI scripts into the “cgi-bin” directory via unrestricted folders. The CGI scripts can then be accessed and used to run whatever command lines the hacker wants.
- SQL injections. Older and vulnerable versions of WordPress can be attacked via SQL injections to add content to existing/archived blog posts/entries with links to spammy sites.
- Modifying .htaccess files to redirect (301) certain popular or high rankings pages to other spammy or affiliate-filled sites.
- Directly modifying unrestricted pages to insert AdSense codes or modify existing AdSense Publisher ID to that of the hacker.
- I’ve also seen blogs being sabotaged by creating empty folders that follow the same permalink structure as some of the pages of the blog. This, in effect, overrides the custom permalinks and disables the affected pages.
What’s surprising is that most of the hacks that I encountered were deployed by Filipinos too. Here are some snippets of their codes:
if ($epwd ne $npwd) {
$msg = “<br /><h1>Mukha Mo!</h1>
“;
}print header( -COOKIE=>$cid ), start_html(”BUTAS”);
Either they coded the hack themselves or got the script somewhere else and modified it to their own liking. It was obvious because some of the coding (commands and variables) used in the script are in Tagalog.
Tony adds some advise on how to prevent this. I’ve written an more general blog post about security and contingency plans here as well.
Loading ...
Congrats Yuga, great post! and i’m sure tons of revenue, lol..why? this blogpost is in the Wordpress Admin Page!!just imagine the traffic!
It is sad but true that humans, Filipinos or otherwise, always have double edge capabilities: one side for creation, another side for destruction.
I just would like to ask is there any international protocol governing hacks? Or any institution regulating internet activity?
It’s not really hacking — it’s just programming. They create programming code and stick in templates you use for free.
It’s totally evil and it sucks though, you’re right. Just check your code out before your use it — any of it.