June 19, 2021

Google Warns 20,000 Webmasters About Possible JavaScript Injections on their Sites

(LiveHacking.Com) – Accoring to Matt Cutts,  Google’s friendly face, the search giant has sent emails to 20,000 webmasters warning them about possible hacker activity on their sites. The “your site might be hacked” message was sent to websites which exhibited weird redirect behavior.

The message warns webmasters that their “website’s pages may be hacked.” Specifically, Google are worried about JavaScript that hackers have injected into sites that redirect users to malicious sites. Google are advising the webmasters to check the site’s source code for any unfamiliar JavaScript and in particular any files containing ‘eval(function(p,a,c,k,e,r)’. The malicious code may be placed in any HTML, JavaScript, or PHP files so Google are asking admins to be thorough in their search.

The Javascript injection is relatively complex in that the .htaccess file could also have been changed resulting in infected sites cloaking the hack and only showing the malicious content in certain situations.

“We encourage you to investigate this matter in order to protect your visitors. If your site was compromised, it’s important to not only remove the malicious (and usually hidden) content from your pages, but also to identify and fix the vulnerability. A good first step may be to contact your web host’s technical support for assistance. It’s also important to make sure that your website’s software is up-to-date with the latest security updates and patches,” wrote Google.

Google have taken proactive action in the past to protect its users. Last year it removed web sites hosted on the .co.cc free Web hosting service from its search results due to the fact that such a large percentage of the sites were low-quality or set-up only for spam.