Penguin 2.0: Hacked Websites

I recently wrote a blog called “Content Driven,” in which I wrote about web spam. One of those types of spam, according to Google, is a compromised website, or one that has been hacked. 

Hacking: Annoyance + Stock Killer

Hacked sites are just another one of life’s little annoyances for most of us with websites. But if you are the Associated Press and the Syrian Electronic Army hacks your Twitter account it becomes a much larger problem. Back in late May of this year, the Syrian Electronic Army hacked the AP’s Twitter account and tweeted, “Breaking: Two Explosions in the White House and Barack Obama is injured.” This, in turn, caused the Dow to drop around 140 points, though it bounced back within the hour. This actually happened because more than half of stock trading is done by computers that are setup with algorithmic trading programs that scan the news and even tweets for any kind of change, good or bad. (source: Associated Press Bernard Condon and Matthew Craft)

Google’s Wrath

So what does this tell us about our online world today? First, we need to check our sources before we SELL!!! SELL!!! SELL!!! Second, sites are going to be hacked and now Google is making serious changes to deal with hacked sites on their end. With the new Penguin 2.0 update, Google will be de-indexing sites that are hacked and notifying them through Google’s webmaster console or by sending them an e-mail to notify them. Most of these sites belong to small to medium sized businesses or to individuals.  When they are hacked, the intruder installs spammy content that affects usability and functionality. So what can you do if your site has been hacked? 

5 Tips For A Hacked Site

1. If you have a webmaster, notify them immediately. They need to know right away if they don’t already. This is one of many reasons why it is a good idea to have an internal webmaster or a third party web business managing your site and making backups.
2. If you are managing your own site, hopefully you have been backing it up. If so, you need to take your site offline and install the latest backup before the site was hacked. After you have done this, you need to change your passwords, usernames, etc.
3. You can use Google Chrome to look at the code of your website to see where the spam was added and see what file that code is in. Right click on the section you want to change and select “Inspect Element.” Here it will display the files that make up your site and the content in those files. With the information attained from this you can go in and change the actual code in the backend of the website. I don’t suggest a web novice try to do this, because it could cause more problems, but if you have experience writing code, it shouldn’t be too difficult. 
4. Once you have removed the hacked content from your site and changed passwords, you need to notify Google, so that they can scan and re-index your site. If you don’t act on this step, your page will remain hidden from searches and will not reappear on Google. This could be disastrous for your business. You can click here for more information on how to resubmit your site.
5. Lastly, remember to always have a strong password. We suggest using 8 or more characters that include letters, numbers, symbols and punctuation. This should ideally be changed every 3 months and please don’t use the password: Password123. It’s just not a great idea.

For additional resources, Google has launched a help center for hacked sites that you can find here. 

Has your site ever been hacked? Tell us below in the comments section how you dealt with it and if you have any helpful tips to pass on to others. If you need help dealing with a currently hacked site, let us know and we’ll do our best to help!