Site Hacked
-
Hi. Hope you can help. Got an email today from a site follower to notify me that she was having problem accessing several internal page links on my site. She said the links were redirecting to external sites offering psychic services and other products. I know wordpress put ads on my site occasionally but I was unaware that they hijacked my links. Have I been hacked and if so how can I clean it as wordpress com only gave that kind of access. I appreciate any advice you can give me. I am the sole author, administrator and developer. No one has ever had user access on my site.
Regards,
Vivien Ni Dhuinn
The blog I need help with is: (visible only to logged in users)
-
The odds of your WordPress.COM site being “hacked” are quite remote – they have an entire devoted to keeping your site safe and healthy.
I clicked around on your site a bit and was not sent off site.
But it would really help if you could tell us the page(s) that your visitor had the problem with – then someone can look at the page and see what we see.
Someone has already flagged this for staff attention
Probably your visitor has a virus on their PC or Browser or the browser has a bad add in that is putting the ads on your site – they need to scan their PC and also disable any add in’s and see if things get better
-
Please note that it’s possible for ads to appear in your browser that were *not* placed there by WordPress.com. These ads are sometimes caused by malware or a virus, but more often it is due to a browser extension or toolbar that you may have installed in your browser.
These sites have further explanation and suggestions for eliminating the ads:
http://onecoolsitebloggingtips.com/2012/09/14/bloggers-beware-of-adware/
http://blog.wikimedia.org/2012/05/14/ads-on-wikipedia-your-computer-infected-malware/
From https://en.forums.wordpress.com/topic/ads-still-show-after-upgrade?replies=11#post-2299371 -
To off-set the costs of providing free hosting to millions of bloggers, WordPress.com has been running advertising on our free hosted blogs since 2006. If the ads you see are found at the end of blog posts then provided you see this small About These Ads link what you are seeing is WordPress.com generated advertising. http://en.wordpress.com/about-these-ads/
Any other ads appearing to you are not placed by WordPress.com. You could have an issue on your browser or computer. These ads are sometimes caused by malware, adware or a virus, but more often it is due to a browser extension or toolbar that you may have installed in your browser.
These sites have further explanation and suggestions for eliminating the ads:
http://www.littletechiethings.com/2012/06/how-to-remove-ads-not-by-this-site.html
http://blog.wikimedia.org/2012/05/14/ads-on-wikipedia-your-computer-infected-malware/
http://onecoolsitebloggingtips.com/2012/09/14/bloggers-beware-of-adware/ From: https://en.forums.wordpress.com/topic/advertising-112?replies=5#post-2354275 -
Hi Timethief,
Thank you for getting back to me last night. Unfortunately, it being in Ireland, I was in bed. I have yet to go through the messages that have come from the support team as I have only reached my desk. I have copied and pasted the messages sent to me from my site viewer. She appears to have had a problem with it at one part of the day and then not at another. You can read her accounts below.
Regards,
Vivien
Message 1
I really appreciate your tarot reading support site.
I noticed today however that many of the links are being hi jacked by other websites advertising various tempting or offers from psychics etc.
Just thought I would warn you that this is happening today.
Thank you again. I hope you can sort out these nuisances!
Dianne.
Message 2
I have just returned from my boyfriend and received your email. I immediately tried you site again, and it now seems to be working normally. So at the moment it seems okay.
If what happened and kept happening this afternoon recurs I will get in touch with you again and send you links of the sites.. I cant do this at the moment obviously as it is NOT happening now…. I remember one was some competition thing to be a milllionaire, and another was a psychic site – an unusual one actually in its format, but I will keep you posted..if necessary.
I know my computer is well protected by Kaspersky so that is my protection.
Really love your site. Thank you.
Dianne.
Message 3
What was actually happening was when I clicked on a link, it jumped to someone elses advertisement instead of your link to a section on your website.
I was not referring to any adverts that might appear on the page itself, but that it actually jumped away to another site.
Dianne.
-
Hi @misstarottales, usually this is the result of someone’s browser being infected with malware or adware. If you’d like us to help troubleshoot this further, please ask your friend to get a screenshot of the ads (should she see them again) and also copy and paste one of the links — in Chrome, for example, she would right-click on it and choose Copy Link Location, then paste the link where we can find it.
Otherwise we’ll just hope it was a fluke on her system, and that all is well now. Cheers!
-
Hi timethief and supernovia,
Thank you for the sound advice and suggestions. Yes, I am aware WordPress show ads occasionally so I knew that could not be causing the issue. I have followed through on all the advice from the links you sent.
- I logged out of everything.
I completely cleared my cache and history.
I ran a full system scan with my security software. This took nearly two days as each time the pc went into hibernation mode after x amount of time the scan paused. I just hadn’t the time to sit in front of it all day. The scan was completed and no corrupt files or viruses were found.
I changed all email passwords.
I changed WorPresss password.I did post on my site the other day informing my viewers of the possible site hacking and to contact me should they encounter these apparent link hijacks. So far no one else has come back to me. After all this I can only presume that the problem was with my site viewer’s pc and not my site. However, the jury is still out but I think I have done all I can at present. That is unless you can suggest more protective measures. It was good to know all this stuff.
Thank you again for your time.
Vivien
-
@misstarottales had you actually seen the links too or was your follower the only one who mentioned them?
If you haven’t seen those links, you might consider taking down the hacked site warning as it’s likely just the one person’s computer.
-
Hi Supernovia,
Thanks for your mail. I published a post yesterday declaring a clean bill of health and explaining to my viewers that WordPress don’t let that sort of thing happen and it is normally an infected browser issue with either the site owner or viewer’s pc. I spoke about how supportive WordPress where and the advice you all gave me. I used my Tarot cards to represent the issue and announced that I had learned a lot but with WordPress keeping an eye on things, I could sleep safely once more. Viewers loved the post. However, if you would prefer I take the original post and yesterday’s one down, that is fine. I could understand WordPress not wanting their users feeling insecure but I did clear up everything in my post yesterday. You can let me know. Thanks again for all your help and advice.
Regards,
Vivien
-
That’s fine too. I just wouldn’t want to scare your users.
We do keep a close watch on the security of the sites here at WordPress.com . :) Let us know if you need more help!
-
Several articles have appeared recently warning attackers are hijacking WordPress sites with unauthorized links, using an attack code available through Nuclear exploit kit: http://arstechnica.com/security/2015/09/active-malware-campaign-uses-thousands-of-wordpress-sites-to-infect-visitors/
Could this have anything to do with the user’s question above? Should I be worried? I have two sites, one grandfathered into your no-ad option https://holdouts.wordpress.com, and a second site, recently re-activated, which does carry some of your ads: https://wordpress.com/stats/day/eugenegourmet.wordpress.com
-
Hi @jbw0123 , this malware seems to be targeting plugins, and we don’t allow users to upload plugins here. We also watch our servers vigilantly. We work very hard to make sure the sites here are safe.
The WordPress.org community works hard to keep the software secure, too, but again, third-party plugins have to be kept up to date.
That said, if you have any worries about suspicious behavior on a WordPress.com site, please let us know so we can check it out for you. And please be sure to keep your own account and computer secure. More information here:
-
I figured this applied to WordPress.org sites, but the two or three articles I read didn’t make any distinction — OK — plugins, which I can’t have, are vulnerable. Thanks. I have two factor sign-in, and will check out your security link.
-
-
I feel I have a serious malware problem associated with my site. Whenever I go to the site http://idaretobehappy.com I am redirected to ads or a scary security message that is very hard to click out of. The site opens to my stationary page but when I click on any of the links it takes off somewhere else. This is happening to others who go to my site. Please help. I am afraid I will have to shut down and rebuild. This has been happening for about two weeks and I had my computer tech look at it and he suggested my only hope was to contact you guys. I hope you can clean it up from your side. I would appreciate your help.
-
The site you are asking about does not seem to be hosted on WordPress.COM so you need to make friends over at WordPress.ORG the keepers of the software you are using.
This site is for support of sites hosted on WordPress.COM. You should address your questions to WordPress.ORG the keepers of the software you are using: http://wordpress.org/support/
The forum at WordPress.ORG is not connected to WordPress.COM so you will need to open an account at .ORG if you do not already have one. You may use the same email at WordPress.ORG as you do at WordPress.COM.
For more on the difference: http://support.wordpress.com/com-vs-org/
- The topic ‘Site Hacked’ is closed to new replies.
WordPress.com Forums 