Crackunit has been pharma-hacked! Bugger.

If you search for Crackunit on Google you see this:

Which is bad.

But when I actually arrive at the page there’s no mention of Zopiclone – not even in the source code anywhere. There’s no links, no nothing?!? And there’s no Pharmacy name in the hack, so I wondered what anyone could be getting out of this apart from a pain in the ass.

I did a search for Zopiclone blog hacks and various other things. And didn’t find anything useful. But I did find that Cookie (made-in-england.org) appears to have been ‘got’ too.

After a bit more digging I found this useful write up from the excellent Pearsonified blog: http://www.pearsonified.com/2010/04/wordpress-pharma-hack.php

It says:

The WordPress pharma hack quietly exploits your highest-ranking and most valuable pages by overriding the title tag and by inserting spammy links into the page content. Interestingly, the modified title tag and spammy links are only visible to search engines.

So it’s a very clever and very dirty way of boosting search engine rankings for dirty companies. I have no idea how they compromised wordpress or my server.

Unfortunately the fixes that are listed are complicated and time consuming – and on first pass it looks like my version of the hack is slightly different. Which makes it even more painful to fix. Sigh…

Anyone got any thoughts apart from ‘give up’?

8 thoughts on “Crackunit has been pharma-hacked! Bugger.”

  1. As it happens, I am a regular zopiclone consumer. I have nothing but good things to say about it — particularly when I travel between timezones.

    Am sure you'll be able to fix it — but agree, looks like a good hour or so's hair-tearing work. In the meantime, consider selling pharma-related Google AdSense.

  2. This is the problem with WordPress, as soon as you fall behind on your updates all sorts of holes start to emerge. Your best bet is to probably back up your database and theme and just do a totally fresh install with the newest version. I had to deal with all this stuff about a year ago and it was a huge annoyance. Sorry dude.

  3. Thanks for pointing it out – you were the alerter. And that makes you the alertest. Thank you.

  4. Noah is probably right if your site is full of the stuff, but there are a few plugins that help:

    WordPress Exploit Scanner – pretty good at weeding out this stuff – and Search Regex, which allows you to search and replace stuff in your blog’s tables, but be careful with it.

Leave a Reply