Being hit by the Japanese Keyword hack can be devastating! You’d see that your search results are displaying random Japanese content.
Why is this happening to you? As with a pharma hack, these hackers capitalize on your SEO efforts and use your website to sell counterfeit brand merchandise. Your customers can be duped into buying these items which can cause irreparable damage to your business.
Once customers realize the products are fakes, you can be sure they’ll never return to your site. Your reputation could be ruined as you’d be pegged as fraudulent. Moreover, Google will blacklist your site or will provide warnings in search results like deceptive site ahead , this site may be hacked to protect its users, and your web host will suspend your account for violation of their security policies.
When your WordPress site is hit with such an attack, we know the level of panic it creates as the malware infection is so widespread!
At MalCare, we’ve seen one too many victims of the Japanese keyword hack. So don’t worry, we’ve got you covered. We’ll show you the right way to fix it and then we’ll guide you on how to make your site secure so that hackers are kept out!
If your WordPress website has been infected with Japanese SEO malware, you need to clean your site immediately. The longer your site remains hacked, the worse things get. We recommend using our Japanese Keyword Hack Removal Plugin to detect the hack and clean it immediately.
What is Japanese keyword hack?
The Japanese keyword hack is a dreaded malware infection wherein hackers inject spammy Japanese words into your pages. When the page gets indexed by Google, your appearance on search results will be manipulated. So your website will start ranking for Japanese keywords.
In the example below, hackers had injected malware on the sitemap page on the website of our client.
On Google, the website was throwing results with Japanese keywords.
We removed every single trace of malware from his website within minutes and helped him get his website up and running in no time.
If you want to check whether your site is a victim of a WordPress Japanese hack, visit Google and type in site:yourwebsitename.com or site:yourwebsitename.com japan.
Next, the hackers also inject affiliate links to stores that sell counterfeit products on these pages. In some infections, hackers create thousands of spam pages with affiliate links.
If someone visits your site, clicks on the affiliate link, and buys the product, the hacker gets a commission. This is how they generate revenue from their hack.
Tip: This type of hacker would usually add themselves as a property owner in Google Search Console. They do this so that they can manipulate your site’s geo-targeting settings and sitemaps. This allows them to change the country your website is targeting, or change it from local to international targeting. If you see a notification of a Search Console verification for your site, you should scan your website immediately. To learn more about the impact of this type of WordPress hack, jump to the consequences section.
How to identify & fix Japanese keyword hack?
Detecting Japanese keyword hack is tricky because hackers cleverly disguise their malicious activities on your site. They use a method called cloaking which disguises the spam Japanese characters from the site owner, but the search engines will be able to pick it up.
They may do this by keeping the font color the same as the background color or making the font size really tiny. Hackers may hide the keywords in the header or footer too.
There are two main ways to find the Japanese keyword hack –
- You can do it manually (hard way)
- You can do it using a security plugin (easy way)
How to identify Japanese keyword hack (with plugin)
There are WordPress Security Plugins that are capable of scanning files and looking for thousands of malware infections in just a few minutes.
One thing to bear in mind here is that some of these plugins can only find known malware. This means any new code created by hackers will be missed. So there are chances that a malware scanner tells you your site is clean when it’s actually hacked.
Tip: Sometimes hackers use the same code that is also used by some legit plugins and themes. Security scanners that look for known WordPress malware signatures may detect this legit code. It will then alert you that your site is hacked even though it’s really not.
So while a security plugin is preferred over the manual method, here too, you have to choose the right plugin. To detect a Japanese keyword spam hack, you need the following in a plugin:
- Scan every file locations and folders of your website in under a few minutes
- Check for cloaking of disguised and hidden malicious code
- Detect any malicious code – known or new – by analyzing its behavior and execution
- No false indications that the site is clean when it’s not
MalCare is one such plugin that can meet the above requirements. Here’s how to use the plugin:
Step 2: MalCare will automatically start scanning your site. When it finds malware on your site, it’ll alert you about it.
After finding malware on your site, the next step is to clean it.
How to fix Japanese keyword hack (with plugin)
Fixing the Japanese Keyword Hack in WordPress is not easy work, so it’s only natural to be worried about how complicated cleaning it up is going to be. But with MalCare, it’s just one click.
Step 1: Once the malware has been detected, you can clean up the malware yourself by clicking on ‘Auto-clean’:
As we mentioned earlier, sometimes the hacker’s code is also used in plugins/themes. If you delete the code used by the plugin/theme, your site could break.
We recommend using MalCare because it analyses the code’s behavior and patterns. This enables it to be 100% sure if it’s malware or not. It will remove all malicious files and scripts without breaking your site.
How to identify & fix Japanese keyword hack (manually)
As we mentioned, hackers disguise their spam keywords using a technique called cloaking. Trying to find this type of hack manually requires technical knowledge of the inner workings of WordPress. Not to mention, it’s time-consuming and you simply cannot guarantee that you’ve detected all of it.
Nonetheless, if you want to try this method, we suggest taking a backup of your site and then proceeding. This will ensure you don’t lose any data or can recover your site in case you break it while you remove malware.
To manually detect malware, follow the steps below:
Step 1: To manually detect Japanese keyword attack, you need to connect to your website using File Manager in cPanel of your web hosting account (Or using an FTP client like FileZilla).
Step 2: Next, you need to find the public_html folder like so:
Step 3: Next, using the search option on the top-right of the screen, you can search for the spam keywords by searching for known malware signatures. (There are thousands of them and new ones spring up every day).
You should also look for a recently modified file on your site. You can do this by looking at the ‘Last modified’ column to see if hackers recently made changes to files you haven’t touched.
This could take several hours or even days and you need to be thorough because this hack could be in multiple places. Once you detect the malicious codes and delete them. We recommend that you check your .htaccess file as well.
Step 4: After this, you need to find and fix the vulnerability that allowed the hacker to enter your site, If that is still present, they can come back and infect your site again.
We don’t recommend the manual detection method to clean up a WordPress Japanese keyword hack. Years ago, the manual detection method was easy as hackers usually placed their hack in certain folders. But over time, they’ve grown smarter and hide malware in places you wouldn’t think to look. Therefore, this method has proven to be ineffective and the hack will most likely show up again.
An effective solution that we recommend is a WordPress Security Scanner. And in the previous section, we’ve shown you how you can use it to find and fix Japanese keyword attack on your site.
This brings us to the end of cleaning up Japanese malware that generates fake Google results. But we’re not done yet. Your website was hacked because there was a vulnerability on your site that allowed a hacker to get in.
There are follow-up steps you need to take to ensure you’re rid of the hack.
Steps to take after cleaning a Japanese keyword spam hack
Even after cleaning your website, the hack may return. To ensure that your site remains secure in the future, take the following steps:
1. Clean Search Console
Login to your Google Webmasters Search Console. Check if any users were added recently. If you don’t recognize them, delete those accounts from Search Console.
2. Request Google to crawl your website
You need to check whether Google is still showing Japanese characters when your website appears on the SERP.
But first, clean all website & server-level cache. Here’s a guide that’ll help you clean your cache.
Then type this query ‘site:yourdomain.com japan’ or ‘site:yourdomain.com’ into Google.
If you can still see the keywords, then send a crawl request to Google. While your site is clean, Google Search listings are not updated since the cleanup. It can take Google a couple of hours to up to a few days to crawl your website. But you can initiate the crawl by sending a request.
3. Replace .htaccess file
The .htaccess file is used to create redirects and hackers exploit this file to redirect your website visitors to their own sites. The MalCare plugin would’ve taken care of this. But as a precaution, you can replace the .htaccess file with a fresh copy using File Manager.
Recommended read: How can I create a .htaccess file
4. Clean backlinks
5. Remove web host suspension (optional)
If your account was suspended by your WordPress hosting provider, you need to contact them via customer support and inform them that your site is now clean. They will unsuspend your account.
6. Remove Google blacklist (optional)
If Google blacklisted you, you need to submit your site for review. Take a screenshot of your site being clean and attach it to your site submission.
How to prevent the Japanese Keyword Attack in the future?
Even if you have removed every trace of malware from your website, there is no guarantee that your website will not be hacked again.
You can protect your website from future hacks by installing a WordPress security plugin like MalCare.
- It’ll place a firewall to prevent hackers and bots from accessing your website.
- It’ll also protect your login page from brute force attacks.
- The plugin will scan your website on a daily basis.
- And it’ll help you take website hardening measures without breaking your site.
Installing a plugin is the first step. There are many more security measures that you can take. We have compiled a handy list – Complete guide on WordPress security.
Consequences of Japanese keyword hack on your site
Once hacked, you’ll notice a domino effect on your website. We have listed them below:
1. Customers lose trust
Building trust with customers takes a long time, whether you run a blog, a business, or an eCommerce store. When your site is hacked, confidential business information and customer data could be stolen. Customers could be duped into buying fake products.
In such an event, customers most likely will never come back to your site. Rebuilding that trust could be an insurmountable feat.
2. SEO efforts are damaged
Your search rankings will take a hit as hackers use blackhat SEO tactics that Google does not approve of. They also create thousands of backlinks that could ruin your backlink profile.
3. Google blacklists site
Google’s first priority is user experience and satisfaction. So, if your website could potentially harm users or put them at risk (of having their data stolen or being duped into buying fake products), Google would feel it in their best interest to take your site off their platform.
Your pages will be deindexed and your site will be blacklisted. Visitors who try to access your site will be displayed a warning:
4. Webhost suspends site
Your web hosting provider will also take your site offline and suspend your account if they find out that their site is hacked. This is because they usually have strict policies that require you to implement security measures on your site. Being hacked means you are in violation of that policy.
Apart from this, if you are using a shared server, you could jeopardize other website’s performance and security. This is because your hacked site will eat up more server resources.
5. Loss of revenue
Needless to say, when your site is hacked and taken offline, you would lose revenue every minute. For eCommerce stores, this means losing out on sales. Other websites could lose out on ad revenue and affiliate revenue.
Plus, once hackers have control of your website, they can also demand more money from you by holding your website hostage and demanding a ransom. If you have an eCommerce store, you can check our WooCommerce Security tips.
6. High recovery costs
Businesses have forked over thousands of dollars to clean up hacks. Companies lose $400 billion to hackers every year in clean-up costs, rehauling security protocols, and paying legal penalties.
A study showed that 60% of businesses never recover from hacks and shut shop within 6 months of the hack. Recovering from such a hack has proved to be expensive!
These are just some of the high-impact consequences you could face. Now, you can understand why we need to clean this up promptly and also add layers of security so that it doesn’t happen again.
We sincerely hope you found our Japanese keyword hack removal guide helpful and easy to follow. We know, this was a long guide, but before you leave here’s what we think you should do right now:
- Share this article with your colleagues or friends who you think would benefit from reading this article. Go on. Hit the share button.
- Install a WordPress Security Plugin like MalCare that’ll ensure your website remains protected against common hack attacks like Japanese hack malware, brute force attacks, phishing attacks, backdoor insertion, etc.
- It comes with an active WordPress firewall plugin that blocks malicious IP addresses and bad bots from country or device from visiting your site.
- When you are all set. Put on a strong pot of coffee and plan how to grow your business by 2X.
Don’t bow down to Malware
How to fix a Japanese keyword hack?
How did a Japanese keyword hack occur on my website?
The Japanese keyword hack occurred due to a vulnerability present on your website. Common vulnerabilities are outdated plugins, themes, and weak usernames and passwords. We have compiled a handy guide on how to make your WordPress website secure.
Why is my WordPress security plugin saying there is no Japanese keyword hack?
Your WordPress security plugin is saying that there is no Japanese keyword hack because this type of hack is difficult to find. Hackers are clever. They know what tactics security plugins use (like signature matching) to detect malware. They develop methods to hide malware in plain sight which is why security plugins with outdated techniques fail to find difficult hacks like the Japanese keyword hack.
Recommend read: Best WordPress security plugins.
What is a Japanese keyword hack? Does it affect the backlinks of websites?
The Japanese keyword hack is a dreaded malware infection where hackers inject spammy Japanese words into your website pages. When the page gets indexed by Google, your appearance on search results is manipulated. So your website starts ranking for Japanese keywords. More on that here.
What does the Japanese keyword WordPress hack do?
In a Japanese keyword WordPress hack, pages on your website are injected with spammy Japanese words. When your website shows up on Google, users can see spammy keywords and are unlikely to visit your website. Learn more on how Japanese keyword hacks work.