A friend of mines website was hacked by replacing the index.html file (homepage) with index.php, to the naked eye you can’t see a change what so ever, I spotted this looking at his page source to see if the meta tags was correct for seo reasons.
The source code displayed over 1000 of the following links:
National66.org links all redirect to: http://2plus2-software.com
After downloading the index file using ftp, I found a secret code near the </body> tag at the bottom of his site:
(note) you can’t see this code in the broswer view source
This code is pulling a bloody large set of hidden backlinks, I suggest if you’re reading this please check your homepage or any directory within your website that has a index file.
Yoursite.com / index file here
yoursite.com/product1/ index file here
Open each page up in your browser and click on the top tool bar (View) then click (source) and look for a large set of links as stated above.
The hackers are http://2plus2-software.com/ based have a guess? Fringing China
Interesting post Matt. I had something similar happen to a couple of my website. China hackers were inputting iframe via sql injection on some of my websites. What a nightmare. A quick fix for the sql injection is to validate your input fields server side rather than client side.
Hey Bryce, a decent web developer would avoid this situation completely. Your clients shouldn’t have to put up with such nonsense. Any good developer and SEO knows better than to leave their work product in danger of such hacks. That’s a shame.
This hack hit the web server of the hosting company… The hosting company could not even prevent it.