Paul Carr Tech journo for Techcrunch, Guardian and author of various books has had his WordPress install hacked.
For those who haven’t heard of him, he’s the guy who deleted his 10,000 follower twitter account, Facebook account and practically every other social web service out there, thus rendering himself, almost invisible on the webs ’social’ accounts.
The hack works in a way whereby it identifies user-agents and serves up different content based on the agents user name. So in the case of Mr Carr’s website, the agent in this case is Googlebot the bot used by Google to spider the web.
The hacker script serves up content with links to Cialis and other Pharmacy type websites to Googlebot, whilst showing the unhacked content to everyone else. The clever thing with this hack is that most people will be unaware, until that is, their rankings tank in the search engines as their site content gets penalised. I’ve seen smarter hacks, that left the home page and recent posts intact, whilst targeting older posts that mightn’t show in search. This gets them the links they need to boost their pharm or gambling sites in the serps.
Curiously, this hack doesn’t actually link to any of the products it discusses. Perhaps they’ll add those later…
A simple easy fix is to set up a Google alert for your sitename/brand and an associated word, like Viagra or Cialis.
It’s also a good idea to establish a Google webmaster tools account, as they may alert you to the hack too.
Update your wordpress install folks, don’t let the bad guys win.