#NoHacked A Google Review from 2016

This article is a summary from Google about sites hacked in 2016.

#NoHacked A Review of the Year 2016

We hope your year starts off safely!

We want to share with you a summary of our work from 2016 as we continue our #NoHacked campaign. Let's start with some trends in hacked sites from the past year.

State of web security in 2016

First, some unfortunate news. We have seen an increase in the number of hacked sites by approximately 32% in 2016 compared to 2015. We do not expect this trend to slow down. As hackers become more aggressive and more sites become obsolete, hackers will continue to capitalize by infecting more sites.

On the positive side, 84% of webmasters request a reconsideration They are successful in cleaning up their sites. However, 61% of webmasters who were hacked never received a notification from Google that their site was infected because their sites had not been verified in Search Console. Remember to sign up for Search Console if you own or manage a site. It is the main channel that Google uses to communicate site health alerts.

More Help for Hacked Webmasters

We've been listening to your feedback to better understand how we can help webmasters with security issues. One of the main requests was for easier understanding of documentation on hacked sites. As a result, we've worked hard to make our documentation more useful.

First, we created new documentation to give webmasters more context when their site has been compromised. Here is a list of the new help documentation:

We then created cleanup guides for sites affected by known hackers. We have noticed that sites are often affected in a similar way when they are hacked. By investigating the similarities, we have been able to create cleanup guides for certain specific types of known hacks. Below is a brief description of each of the guides we created:

Gibberish Hack: The gibberish hack automatically creates many pages with meaningless phrases full of keywords on the target site. Hackers do this so that hacked pages appear in Google Search. So when people try to visit these pages, they will be redirected to an unrelated page, such as a porn site. More information on how to fix this type of hack.

Hack keywords in Japanese: The Japanese keyword hack usually creates new pages with Japanese texts on the target site in randomly generated directories. These pages are monetized using affiliate links to stores that sell fake brand products and then show up in Google search. Sometimes hackers' accounts are added to Search Console as site owners. More information on how to fix this type of hack.

Hack cloaked keywords: The words cloaked and links hack automatically create many pages with meaningless sentences, links and images. These pages sometimes contain basic template elements from the original site, so at first glance the pages might look like normal parts of the target site until you read the content. In this type of attack, hackers often use cloaking techniques to hide the malicious content and make the injected page look like part of the original site or a 404 error page. More information on how to fix this type of hack.

Prevention is the key

As always it is better to take a preventative approach and protect your site rather than dealing with the aftermath of a hack. Remember that a chain is only as strong as its weakest link. You can read more about how to identify vulnerabilities in your site in our hack help guide. We also recommend that you stay up to date on publications and announcements from your content management system (CMS) vendors and software/hardware vendors.

Looking forward

Hacking is constantly evolving, and research allows us to stay up to date and combat the latest trends. You can learn about our latest research publications on the site information security research.

If you have specific comments or questions about compromised sites, the webmaster help forums They have an active group of Googlers and technical contributors who can answer your questions and provide additional technical support.