Help Needed: Removing Japanese Keyword Hack from My Website

  • Hello ,

    My website has recently been attacked by what I believe is the Japanese Keyword Hack. Here’s a breakdown of the issues I’m facing:

    1. Spammy Japanese Keywords in Search Results: When my site appears in search engine results, it shows Japanese characters and spammy text that I did not add.
    2. Malicious Sitemap Changes: My original sitemap has been altered, and new spammy URLs have been indexed by Google. These URLs lead to fake pages with Japanese keywords and irrelevant content.
    3. Database and Core File Infections: I suspect the malware has infected my database and possibly altered core files, but I’m not sure where to start looking or what to safely remove.

    I’ve already taken some steps like deleting suspicious sitemap files, clearing the .htaccess file, and using Wordfence to scan for issues. However, I’m still seeing the spam in search results, and the malware seems to keep reappearing.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @sunlandedu32, thank-you for highlighting your issue and sorry to see you’ve been potentially affected by malware.

    Unfortunately we can’t walk customers through a site cleaning here on the forums but we do have some excellent resources, an internal point of contact, and general advice that can assist you. You should try the following checklist:
    https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    Additionally you might find the WordPress Malware Removal section in our free?Learning Center?helpful.

    Make sure all of your plugins and themes are up-to-date and that WordPress core is on the latest suitable version. As a rule, any time someone thinks their site has been compromized, they should?update their passwords for hosting control panel, FTP, WordPress admin users, and database?in order to cover the key access points where somebody could change or upload things on your site. Make sure to do this!

    Check for administrative users you don’t recognize in?WordPress > Users > All Users, just in case there is anything suspicious there. Delete any that you know shouldn’t have this kind of access.

    If you find anything that you’re suspicious of but unsure what to do next, you can send files/code to?samples @ wordfence . com.?If you do, just make sure to?remove any database credentials or keys/salts?in any files you do send over. Our team can help advise next steps from there.

    If you’re unable to clean this on your own we do offer paid services too but are unable to discuss those here – site cleaning services are available from other sources too. Please contact?presales @ wordfence . com?if you’d like to discuss things further.

    Whether you choose to follow our guides yourself, or let someone else take a look, we recommend that you always make a?full backup of the site beforehand.

    Many thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.