Emergency Report: Massive WordPress Blog Hacks and Stealing Google Accounts?
TOKYO (MacHouse) - www.cat-n-scratch.com, blog.alviselledge.com, blog.soar.hk, www.scwaterpolo.us and d-pi.com… We never heard of these websites till some 30 minutes ago. So what are common characteristics among these websites? They are all WordPress blog websites. Okay… Then? Also, they are all hacked. A spam terrorist group hacked these websites to forward Internet users to suspicious web contents. To our knowledge, spam terrorist groups started circulating spam comments using different IP addresses including 201.24.78.66, 217.94.172.231 and 70.166.109.14 a few days ago to forward Internet users to hacked WordPress websites. It is possible that this hack & spam practice has been going on for the past 45 days, during which we didn’t subscribe to spam comments.
 Screenshot 01- Source: cat-n-scratch.com |
 Screenshot 02- Source: alviselledge.com |
 Screenshot 03- Source: soar.hk |
Screenshot 05 shows odd aspects. You can see a database error on the side bar. It is possible that these hacks are done by a technique called SQL injection. On the other hand, all the hacked websites have a folder titled 1 under wp-content folder.
 Screenshot 04- Source: scwaterpolo.us |
 Screenshot 05- Source: d-pi.com |
 Screenshot 06 |
So happens if you access the hacked content? If you access www.cat-n-scratch.com/wp-content/1/video-poker-virtuale.html, for example, you will first reach a spam page advertising a video poker website. (See Screenshot 07.) And, in the blink of an eye, you will be instantly redirected to Google’s top content. (See Screenshot 08.) Possibly, they want to steal Google accounts and access to AdSense.
 Screenshot 07- Source: cat-n-scratch.com |
 Screenshot 08- Source: cat-n-scratch.com |
 Screenshot 09- Source: cat-n-scratch.com |
Finally, all WordPress webmasters are advised to FTP-access their WordPress directories to see if there are suspicious files and folders under wp-content.
********** ********** ********** ********** ********** ********** ********** **********
MacHouse is not funded by tax payers' money. We have limited resources. We also need time to sleep and eat just as others. So we will not act as the International police to contact all victims of website abuse. All you have to do is to subscribe to spam messages and spam posts. If we can, why don't you?
Leave a Reply
You are prohibited from posting comments merely to advertise your website. Please read Rules and About This Blog at the top menu bar for more information.
Because of spam-comment criminals, we are forced to manually moderate every comment that you may post. Your comment will appear only after we review and then approve it. It will take us several hours at most to review it.
Please note that all one-sentence comments will be automatically rejected as an anti-spam measure.