On March 21, Google published its State of Website Security in 2016, saying that there had been a 32 percent increase in the amount of hacked sites in 2016 compared to 2015. Google even said that it didn’t expect the trend to slow down either.
According to Google, these hackers are getting even “more aggressive.” It doesn’t help that, at the same time, more sites are allowing their sites and content management systems become out of date, which leaves themselves open to more security holes.
In order to incentivize folks to verify their sites with Google Search Console, one data point that is key is that “84% [of] webmasters who do apply for reconsideration are successful in cleaning their sites.” For those who take the time to verify their site with Search Console, they are also more likely to care about their outdated CMS package.
Google wants to warn any and all webmasters that their sites were hacked but said “61% of webmasters who were hacked never received a notification from Google that their site was infected because their sites weren’t verified in Search Console.” There’s no better time than the present to verify your site. It’s useful and free.
Google then documented three common hacks and how to clean up such hacks:
Gibberish Hack: The gibberish hack automatically creates many pages with non-sensical sentences filled with keywords on the target site. Hackers do this so the hacked pages show up in Google Search. Then, when people try to visit these pages, they’ll be redirected to an unrelated page, like a porn site. Learn more on how to fix this type of hack.
Japanese Keywords Hack: The Japanese keywords hack typically creates new pages with Japanese text on the target site in randomly generated directory names. These pages are monetized using affiliate links to stores selling fake brand merchandise and then shown in Google search. Sometimes the accounts of the hackers get added in Search Console as site owners. Learn more on how to fix this type of hack.
Cloaked Keywords Hack: The cloaked keywords and link hack automatically creates many pages with non-sensical sentence, links, and images. These pages sometimes contain basic template elements from the original site, so at first glance, the pages might look like normal parts of the target site until you read the content. In this type of attack, hackers usually use cloaking techniques to hide the malicious content and make the injected page appear as part of the original site or a 404 error page. Learn more on how to fix this type of hack.
For more details, see the Google Webmaster blog.