Being hit by the Japanese Keyword Spam hack can be devastating! You’d see that your search results are displaying random Japanese content.
Why is this happening to you? Similar to a pharma hack, these hackers capitalize on your SEO efforts and use your website to sell counterfeit brand merchandise. And as a result, your customers can be duped into buying these items which can cause irreparable damage to your business.
Once customers realize the products are fakes, you can be sure they’ll never return to your site. Your reputation could be ruined as you’d be pegged as fraudulent. Moreover, Google will blacklist your site to protect its users, and your web host will suspend your account for violation of their security policies.
When you’re WordPress site is hit with such an attack, we know the level of panic it creates as the malware infection is so widespread!
At MalCare, we’ve seen one too many victims of the Japanese SEO spam hack. So don’t worry, we’ve got you covered. We’ll show you the right way to fix it and then we’ll guide you on how to make your site secure so that hackers are kept out!
If your WordPress website has been infected with a Japanese keyword hack, you need to clean your site immediately. The longer your site remains hacked, the worse things get. We recommend using our Japanese Keyword Hack Removal Plugin to detect the hack and clean it immediately.
What is Japanese SEO Spam Hack?
The Japanese SEO spam is a dreaded malware infection wherein hackers inject spammy Japanese words into your pages. Once these hacked pages get indexed by Google, your appearance on search results will be manipulated. So your website will start ranking for these Japanese keywords.
If you want to check if your site is a victim of this hack, visit Google and type in ‘site: yourwebsitename.com japan’.
In the example below, we didn’t even need the word ‘Japan’ to see the hack.
Next, the hackers also inject affiliate links to stores that sell counterfeit products on these pages. In some infections, hackers create thousands of their own SEO spam pages with affiliate links.
If someone visits your site, clicks on the affiliate link, and buys the product, the hacker gets a commission. This is how they generate revenue from their hack.
Tip: This type of hacker would usually add themselves as a property owner in Google Search Console. They do this so that they can manipulate your site’s geotargeting settings and sitemaps. This allows them to change the country your website is targeting, or change it from local to international targeting.
If you see a notification of a Search Console verification for your site, you should check if you’ve been hacked immediately. We’ll show you how but first we want to cover just how serious this WordPress hack is.
Consequences of Japanese Spam Hack
If you’re a victim of the Japanese SEO spam hack, there are dire consequences to face.
1. Customers Lose Trust
Building trust with customers takes a long time, whether you run a blog, a business, or an eCommerce store. When your site is hacked, confidential business information and customer data could be stolen. Customers could be duped into buying fake products.
In such an event, customers most likely will never come back to your site. Rebuilding that trust could be an insurmountable feat.
2. SEO Efforts Are Damaged
Your search rankings will take a hit as hackers use blackhat SEO tactics that Google does not approve of. They also create thousands of backlinks that could ruin your backlink profile.
3. Google Blacklists Site
Google’s first priority is user experience and satisfaction. So, if your website could potentially harm users or put them at risk (of having their data stolen or being duped into buying fake products), Google would feel it in their best interest to take your site of their platform.
Your pages will be deindexed and your site will be blacklisted. Visitors who try to access your site will be displayed a warning:
4. Webhost Suspends Site
Your web hosting provider will also take your site offline and suspend your account if they find out that their site is hacked. This is because they usually have strict policies that require you to implement security measures on your site. Being hacked means you are in violation of that policy.
Apart from this, if you are using a shared server, you could jeopardize other website’s performance and security. This is because your hacked site will eat up more server resources.
5. Loss of Revenue
Needless to say, when your site is hacked and taken offline, you would lose revenue every minute. For eCommerce stores, this means losing out on sales. Other websites could lose out on ad revenue and affiliate revenue.
Plus, once hackers have control of your website, they can also demand more money from you by holding your website hostage and demanding a ransom. If you have an eCommerce store, you can check our WooCommerce Security tips.
6. High Recovery Costs
Businesses have forked over thousands of dollars to clean up hacks. Companies lose $400 billion to hackers every year in clean up costs, rehauling security protocols and paying legal penalties.
A study showed that 60% of businesses never recover from hacks and shut shop within 6 months of the hack. Recovering from such a hack has proved to be expensive!
These are just some of the high-impact consequences you could face. Now, you can understand why we need to clean this up promptly and also add layers of security so that it doesn’t happen again.
How to Detect & Clean a Japanese SEO Spam Hack?
Detecting Japanese SEO Spams is tricky because hackers cleverly disguise their malicious activities on your site. They use a method called cloaking which disguises the spam Japanese characters from the site owner, but the search engines will be able to pick it up.
They may do this by keeping the font color the same as the background color or making the font size really tiny. Hackers may hide the keywords in the header or footer too.
There are two main ways to find the Japanese SEO Spam Hack –
- You can do it manually (hard way)
- You can do it using a security plugin (easy way)
1. Find & Clean Japanese Spam Hack With a Security Plugin
There are WordPress Security Plugins that are capable of scanning files and looking for thousands of malware infections in just a few minutes.
One thing to bear in mind here is that some of these plugins can only find known malware. This means any new code created by hackers will be missed. So there are chances that a malware scanner tells you your site is clean when it’s actually hacked.
Tip: Sometimes hackers use the same code that is also used by some legit plugins and themes. Security scanners that look for known WordPress malware signatures may detect this legit code. It will then alert you that your site is hacked even though it’s really not.
So while a security plugin is preferred over the manual method, here too, you have to choose the right plugin. To detect a Japanese keyword spam hack, you need the following in a plugin:
- Scan every file locations and folders of your website in under a few minutes
- Check for cloaking of disguised and hidden malicious code
- Detect any malicious code – known or new – by analyzing its behavior and execution
- No false indications that the site is clean when it’s not
MalCare is one such plugin that can meet the above requirements. Here’s how to use the plugin:
Step 2: MalCare will automatically start scanning your site. When it finds malware on your site, it’ll alert you like this –
After finding malware on your site, the next step is to clean it.
→ How to Clean a Japanese Keyword Hack With a Security Plugin?
To fix the Japanese Keyword Hack is a not an easy work, so it’s only natural to be worried about how complicated cleaning it up is going to be. But with MalCare, it’s just one click.
Step 1: Once malware has been detected, you can clean up the malware yourself by clicking on ‘Auto-clean’:
As we mentioned earlier, sometimes the hacker’s code is also used in plugins/themes. If you delete the code used by the plugin/theme, your site could break.
We recommend using MalCare because it analyses the code’s behavior and patterns. This enables it to be 100% sure if it’s malware or not. It will remove all malicious files and scripts without breaking your site.
2. Find & Clean Japanese Spam Hack Manually
As we mentioned, hackers disguise their spam keywords using a technique called cloaking. Trying to find the this type of hack manually requires technical knowledge of the inner workings of WordPress. Not to mention, it’s time-consuming and you simply cannot guarantee that you’ve detected all of it.
Nonetheless, if you want to try this method, we suggest taking a backup of your site and then proceeding. This will ensure you don’t lose any data or can recover your site in case you break it while you remove malware.
→ Manual Detetion Through cPanel
To manually detect malware, follow the steps below:
Step 1: To manually detect the hack, you need to connect to your website using File Manager in cPanel of your web hosting account (Or using an FTP client like FileZilla).
Step 2: Next, you need to find the public_html folder like so:
Step 3: Next, using the search option on the top-right of the screen, you can search for the spam keywords by searching for known malware signatures. (There are thousands of them and new ones spring up every day).
You should also look for recently modified file on your site. You can do this by looking at the ‘Last modified’ column to see if hackers recently made changes to files you haven’t touched.
This could take several hours or even days and you need to be thorough because this hack could be in multiple places. Once you detect the malicious codes and delete them. We recommend that you check your .htaccess file as well.
Step 4: After this, you need to find and fix the vulnerability that allowed the hacker to enter your site, If that is still present, they can come back and infect your site again.
We don’t recommend the manual detection method to clean up a WordPress Japanese keyword hack. Years ago, the manual detection method was easy as hackers usually placed their hack in certain folders. But over time, they’ve grown smarter and hide malware in places you wouldn’t think to look. Therefore, this method has proven to be ineffective and the hack will most likely show up again.
An effective solution that we recommend is a WordPress Security Scanner. And in the previous section we’ve show you how you can use it to find and fix Japanese SEO spam on your site.
This brings us to end on cleaning up the Japanese SEO Spam malware. But we’re not done yet. Your website was hacked because there was a vulnerability on your site that allowed a hacker to get in.
There are follow-up steps you need to take to ensure you’re rid of the hack.
Steps to Take After Cleaning a Japanese SEO Spam Hack
Even after cleaning your website, the hack may return. To ensure that your site remains secure in the future, take the following steps:
1. Clean Search Console
Login to your Google Webmasters Search Console. Check if any users were added recently. If you don’t recognize them, delete those accounts from Search Console.
2. Replace Your .htaccess File
The .htaccess file is used to create redirects and hackers exploit this file to redirect your website visitors to their own sites. The MalCare plugin would’ve taken care of this. But as a precaution, you can replace the .htaccess file with a fresh copy using File Manager. Recommended read: How can I create a .htaccess file
3. Check Google Search Results
Type into Google, the same search query ‘site:yourdomain.com japan’. Also, do a search for just ‘site:yourdomain.com’.
4. Clean Backlinks
5. Remove Web Host Suspension
If your account was suspended by your WordPress host provider, you need to contact them via customer support and inform them that your site is now clean. They will unsuspend your account.
6. Remove Google Blacklist
If Google blacklisted you, you need to submit your site for review. Take a screenshot of your site being clean and attach it to your site submission.
We sincerely hope you found our Japanese keyword hack removal guide helpful and easy to follow. We know, this was a long guide, but before you leave here’s what we think you should do right now:
- Share this article with your colleagues or friends who you think would benefit from reading this article. Go on. Hit the share button.
- Install a WordPress Security Plugin like MalCare that’ll ensure your website remains protected against common hack attacks like Japanese SEO spams, brute force attacks, phishing attacks, backdoor insertion, etc.
- It comes with an active WordPress firewall plugin that blocks malicious IP addresses and bad bots from visiting your site.
- When you are all set. Put on a strong pot of coffee and plan how to grow your business by 2X.
Don’t bow down to Malware
Switch to MalCare!