The /wp-content/1/ WordPress attack is being followed up by a comment spam campaign.
The spammer is sending out casino & poker comment spam that links to the hacked pages that are found in /wp-content/1/ — it looks like this:
Here is an idea for a WordPress hack defense that I think would put an end to WordPress link injection hacking. I don’t have time to write this script, but maybe someone else will.
I wrote a post yesterday about how PocketSEO.com was hacked. This site has been heavily penalized because cloaked, hidden porn links were being injected into the site through a WordPress backdoor.
I’ve seen this happen many times to EDU and other sites. “Hackers” break into the sites and put hidden links to networks of porn sites. I even saw one EDU site that had porn links all over the home page. Those links pointed at pages about porn on other hacked trusted sites, which then pointed to or redirected to porn affiliate links. Some of the pages would try to install malware.
Here is a way to protect this from happening to your site and your clients’ sites:
PocketSEO.com suddenly dropped in the SERPs so I did some investigating.
It turns out that my site was hacked and a backdoor was installed. Someone was inserting cloaked porn links in the footer.