Regarding my last post, of virus by WordPress I think that affected over 50% of blogs worldwide, trying to figure the easiest way you can It checks if a blog is affected by this virus.
We chose a random blog to make this demonstration. : Denisuca.com.
1. Open in a certain browser, www.google.com and search:
Site: denisuca.com buy
Notice in the image above, Google has indexed denisuca.comWith a lot of keywords related to some drugs. These words / links are invisible for visitors to the blog and its owner, but visible to search engines Google, Yahoo, AOL, MSN, Windows Live.
2. Check the contents of the site of cache Google.
Autohaus Huber, auto închirieiri | Denisuca
25 February 2008 ... Buy Adderall Buy Adipex Alprazolam Buy Buy Ambien Buy Ativan Buy Biaxin Buy Bontril Buy Bupropion Buy Butalbital Buy Carisoprodol Buy ...
denisuca.com / Autohaus-Huber-inchirieiri-auto.html - 40k - Cached - Similar pages
Click on the "Cached" and will open the site, as has been stored by Google on a certain date. In this case:
This is G oogle's cache version of Address http://denisuca.com/laptopu-meu.html as was received on June 28 2008 01: 18: 23 GMT.
Your website and not notice anything suspicious. yet.
3. At the top of the page, where frame from The Google Cache, do you click on the option that allows you to visual text only stored on the site without images and other files "media".
This page can provide references to stored images are no longer available. Click here for text stored.
Click on the link "text stored".
4. Scroll down until seemed website "footer" and you will see there link spamSites, resulting from infection with this virus.
Those links are generated by a malicious code , Appeared in the source used by blog wordpress theme and transfer denisuca.com The Google Page Rank the sites indicated by the attacker (backlinks). This would be the lowest damage caused (to some), but the effects are much larger virus and its structure is very complex.
- Search engines, while will not send visitors Blogs by such viruses. Inserting links hidden in the code of a site is considered SEO SPAM Search engines penalize bad all this procedure.
- Visitors who have cookie for the site are redirected by another hack the same virusAnd other sites by attackers. This is recognized by many as anti-virus Trojan.Clicker.HTML.... (Are redirected and those from Search Engines si RSS readers.)
- Changes bases givene and operation security vulnerabilities servers (massive decrease in performance) To serve in this offense.
Details about how to get rid of this virus, find here.
For more information, contact me by IM and / or Google Talk. id: laurentiu.piron
LA: This method is only effective if blogs which infected pages indexed in the search engine. The number of infected blogs certainly is quite high.