Was Google hacked? Seriously!

by mikehansen

Posted: 11 years ago 18 replies

INTERNET MARKETING

I have been using the big G since 1999 and I have never seen this type of thing before.

I have a web dev buddy who's client's site was apparently hacked but ONLY when a Google search.

First, go to this website - OC Zumba Fitness - Lake Forest CA - and it opens up just fine, right?

Now, do a search in Google for "oc zumba fitness" and click on the first listing and what happens? It redirects to another site, but ONLY from within the Google search. How is this possible?

The first redirect goes to costabrava.bee.pl and then some adserver and then a third redirect to a random site.

I found this article on Google regarding malware -
my client's site has been cleaned of an infection. Webmaster Tools confirmed it is clean. Search still shows Malware War - Webmaster Central Help

Any feedback would be greatly appreciated to help out my buddy's client.

Thanks in advance!

Mike

#google #hacked #malware #redirect

ActA 11 years ago

I don`t think google is hacked.. I think it`s another thing involved.. :|
- Thanks
- 1 reply
{{ DiscussionBoard.errors[5589910].message }}
- dougp 11 years ago
  
  If Google was hacked them im sure we all should of heard something about it. Well, maybe not, if it was hacked right .
  
  Doug
  
  Thanks
  
  Signature
  FREE GUIDE: 30 Day Blueprint to Massive LinkedIn Traffic
  
  {{ DiscussionBoard.errors[5589920].message }}
Raydal 11 years ago

Just for the record I'm getting the same results as you reported.

The only time I got something similar was when I had a virus
on MY computer but this seems to be a different situation.

-Ray Edwards
- Thanks
Signature

The most powerful and concentrated copywriting training online today bar none! Autoresponder Writing Email SECRETS
{{ DiscussionBoard.errors[5589919].message }}
Chris Chicas 11 years ago

Google is not Hacked. It's simply telling you that the page got flagged by Google because it contains malware, or some app that it will compromise me or my computer.

Don't take this the wrong way but I"m pretty weary when someone even sends me a link like that for me to check out. Those sites can def cause some damage.

Best of luck.
- Thanks
Signature
TwinFlameSecret.com
{{ DiscussionBoard.errors[5589975].message }}
goosefrabah 11 years ago

Here's my thought, your friend is hacked. The hacker is checking if there is a referrer or not. If it is direct then he lets you see the site (hoping the owner never notices), if it is someone from a search he redirects you. You can check this in firefox, download the RefControl addon and add your friends url and block refer. Then when you go to google it blocks the refer and does not redirect you. I just tested it and unfortunately your friend is hacked.

I tested it on Yahoo too and when I block the refer it works fine, otherwise it redirects you as well.
- [ 2 ] Thanks
{{ DiscussionBoard.errors[5589979].message }}
Chris Chicas 11 years ago

If you don't know how to fix this problem go to the Warrior for hire section and have someone look over your website and find what's wrong with it. Best of luck.
- Thanks
Signature
TwinFlameSecret.com
{{ DiscussionBoard.errors[5589990].message }}
SEOExpert999 11 years ago

Yes your friend is definitely hacked. He needs to uninstall and reinstall his search plugin or the main website files.
- Thanks
Signature
Amazing SEO Packages|AffordableSEOKeywordResearch| Email Marketing Solutions |Internet Resource Guide | Easy Social Marketing
{{ DiscussionBoard.errors[5590022].message }}
mrclean78 11 years ago

Google wasn't hacked man.....the site was and is doing a redirect based on referrer.
- Thanks
{{ DiscussionBoard.errors[5590095].message }}
Sleaklight 11 years ago

The site is hacked, not google. The hack detects referrer agent aand if Google is the referrer, then it does the redirect. I have the same problem on my site. Have your host fix it. It's a conditional hack redirect.
- [ 1 ] Thanks
{{ DiscussionBoard.errors[5590119].message }}
Justin Says 11 years ago

I dealt with this when I was helping Kirby Ferguson with his website: Everything is a Remix

When you searched "everything is a remix", his site was listed #1, but when you would hover it, the cache would show something totally different, and then when you clicked on the link, it would show something different again.

We found that his site was hacked, not Google.
- Thanks
Signature

My name is Justin Lewis. My digital marketing company has been in business for over 10 years with multiple six-figure years. We do provide a premium web design service.
{{ DiscussionBoard.errors[5590165].message }}
felku 11 years ago

I think that is a malware
- Thanks
{{ DiscussionBoard.errors[5590192].message }}
prian 11 years ago

So the one who hack is the people behind the redirected site?
or they just do it for fun/random
- Thanks
Signature

[FREE] Powerpoint Templates
[WSO OF THE DAY] Create Unlimited Mascot for Your Brand Today! Male Version
[MOST WANTED] Create Your Own Mascot / Character Illustration for Free
{{ DiscussionBoard.errors[5590377].message }}
John Westbrook 11 years ago

Yeah, your friend's server is hacked. This is an exploit hack of some sort, probably taking advantage of some "leak" in code on his site that is tied to Google tracking or similar. I don't see the purpose of only hacking from a Google search, so the code that's been compromised has to be tied to Google/tracking.

If your friend wants help fixing this have him contact me...PM for deets. I can probably help...it's kinda what I do.
- [ 1 ] Thanks
{{ DiscussionBoard.errors[5590418].message }}
paul_1 11 years ago

I don't think Google was hacked - that seems to be impossible. Otherwise, we should be hearing it in the news. I think it's kind of a virus/malware or something like that....
- Thanks
- 1 reply
Signature

Paid Download
{{ DiscussionBoard.errors[5590424].message }}
- mikehansen 11 years ago
  
  Thanks for the feedback everyone. Got it fixed!
  
  Some code was added to 400 pages in the site. Pretty crazy! Some sort of security hole in Wordpress.
  
  Thanks
  
  2 replies
  
  {{ DiscussionBoard.errors[5596168].message }}
  
  Paul Myers 11 years ago
  
  This is an exploit hack of some sort
  
  .htaccess is the most common current way to do this sort of redirect hack. There are others, but that's the "new thing" for this type of exploit.
  
  Thanks for the feedback everyone. Got it fixed!
  
  If you don't fix the security hole, they'll be back within days.
  
  Paul
  
  Thanks
  
  Signature
  
  .
  Stop by Paul's Pub - my little hangout on Facebook.
  
  {{ DiscussionBoard.errors[5596620].message }}
  
  Chris Chicas 11 years ago
  
  Originally Posted by mikehansen
  
  Thanks for the feedback everyone. Got it fixed!
  
  Some code was added to 400 pages in the site. Pretty crazy! Some sort of security hole in Wordpress.
  
  Wait, now it's not Google but Wordpress the culprit?
  
  Thanks
  
  Signature
  TwinFlameSecret.com
  
  {{ DiscussionBoard.errors[5597305].message }}
Carl Juneau 11 years ago

Hi yep - same here.

I doubt it's Google though.

For one of my sites, I had a script programed that would treat visitors from Google differently than any other visitors.

Maybe that's the issue here.

Carl
- Thanks
{{ DiscussionBoard.errors[5596850].message }}