1. Home
  2. Forums Index
  3. Search Engines and SEO / Google Search and SEO 9:58 am May 22, 2026

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Case Study of how a site was hacked that led to a manual penalty

         

McMohan

12:46 pm on Sep 9, 2014 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Here is the turn of events in chronological order -

1. The site (in health niche) was hacked by a pharma network, injecting viagra/cialis pages in the site. It was a Wordpress site, and hackers ensured hacked content was only visible to Google, while website remained just as usual to users.

2. Links from this to other similar hacked sites and other sites to this site were built.

3. The site was moved over to Drupal, making a clean switch from Wordpress. Hacking stopped. Lot of time elapsed, since site owner was not aware her site was hacked.

4. Google first issued a penalty for Hacked content and then much later for bad links from other similar hacked sites, while hacked links on other sites were long gone.

5. At this point the site was brought to my notice. From the GWT links report, I disavowed only the links that were hacked from other sites and sent a reconsideration request. The link penalty was revoked.

6. Next sent reconsideration request for hacked content. Which too was revoked.

Take home? Danger is very real for an ordinary site owner that things can take a nasty turn without her knowledge. Fortunately for her, the site had good amount of non-Google traffic which sustained her business in the meanwhile.

aakk9999

9:35 pm on Sep 9, 2014 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Thank you for sharing this. And it is good that both reconsideration requests worked so promptly.

McMohan

12:18 pm on Sep 10, 2014 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



aakk9999, it worked so promptly since the links from these hacked sites stood out from the rest of the links, and we only had to disavow those links. But what is bothering is Google sent the penalty notice when these links had long gone.

Planet13

6:08 pm on Sep 10, 2014 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



"But what is bothering is Google sent the penalty notice when these links had long gone."


Curious.

wonder if it is google's way to just try and alert a website owner that there has been problems in the past and to be more vigilant in the future?

Either way, thanks for the warning.

zerofatzreturns

10:27 pm on Sep 10, 2014 (gmt 0)



moral of the story...don't depend on google alone for your traffic. Diversify traffic sources. It's kind of like live by the sword, die by the sword you know?

Sometimes I feel like making money on the internet is just like building a stock portfolio. You have to have multiple things happening collectively for one giant result.

Anybody ever want to turn it back about 10 years? lol




<snip>

[edited by: goodroi at 11:56 pm (utc) on Sep 10, 2014]
[edit reason] Welcome to WebmasterWorld, please follow the forum charter rules [/edit]

blend27

9:33 pm on Oct 6, 2014 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Danger is very real for an ordinary site owner that things can take a nasty turn without her knowledge

I just found out that one of my old hosting accounts got hacked at the end of July. Account had several domains that are just parked. Each site = 1 page + one folder with CSS document. What the have done was simple: created/scripted whole bunch of folders with over 300 pages with all kinds of garbage under CSS folder. I would never look there to begin with.

Result: each site now has 300+ pages indexed. I checked backlinks on "hrefs" site and they say it is over 21,000 pointing to each site. Sites linking are in China, Russia, Canada, Holland, 2 sites in US.

The way I found out was I typed one of the domain names in Google. Got a message that The Site might be HACKED :(.

I spent past 4 month developing a brand new ecommerce application for this domain. Domain is 7 years old, I have it park for all this time. So now that the site is ready......dam it man....

What hurts even more is one of the domains is my last name. Plain mylastname.com. I only use this one as an email server. not even a default page. It hurts so much...

Not sure what to do here either. I don't want to start creating webmaster accounts in Goog and Bing, no need for it, really..

Sand

9:40 pm on Oct 6, 2014 (gmt 0)

10+ Year Member



I helped someone clean up their site when this exact thing happened to them.

The only difference is they didn't receive a manual penalty (or even a notification of spammy links, even though the hackers did the same thing). Instead, they received a WMT notification that their site had been hacked. Nothing more.

I cleaned up the hack, and the Google rankings returned to normal in 2-4 weeks.

This was maybe a year ago. Interesting how differently they classified the situations (their site: hacked. Your site: spam).
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Search Engines and SEO / Google Search and SEO 9:58 am May 22, 2026