December 1, 2007
wp_footer Exploits Continue
The troubles with the evil wp_footer exploit continue. My friend Roy alerted me to the fact that wp_footer had reappeared and was once again creating spam links in my footer. Those spam links went to Scott Rosenberg’s site, Wordyard. I contacted Scott and he told me he knew his site had been hijacked to host these spam pages and he was busy cleaning it up. He helpfully told me that “wp_footer” was being called by some rogue code in the “default-filters” file which can be found in the folder “wp-includes.”
Scott also pointed out that I should delete another rogue file, “class-mail,” also found within the folder, “wp-includes.”
Let’s see if this solves the problem.
Cat: | Time: 2:44 pm (utc+8)
December 2nd, 2007 at 3:35 am
For what possible benefit would someone go to the trouble to “hijack” or spam?
December 2nd, 2007 at 9:07 am
CapGain: Selling pharmaceutical products is lucrative as is serving their ads. Sites are hijacked to link to a single site so that site’s Google page rank goes up making it appear higher in the search results. Linking from high-page rank sites (like this one) makes it hard for Google to detect that the page being linked to isn’t legitimate.
December 2nd, 2007 at 10:10 am
Obviously there is much about the worldwide interwebnet that I don’t understand.
December 2nd, 2007 at 10:17 am
In isolation, without any knowledge of exploits for WP, to me this looks like someone trying to kill your search ranking by associating you with money words. The site pointed to was an .edu, the posters were all one person(bot) who didn’t use English as a first language, and there were no links from that site to any commercial interests.
Travel, pharmacy, etc type words are a sure bet to ranking hell. It indicates you’re trying to make money without paying the internet tax to Google Badwords.