Google: Hacked sites increased 32% in 2016

Google published its State of Website Security in 2016 today, reporting that there was a 32 percent increase in the number of hacked sites in 2016 compared to 2015. Google added that it doesn’t expect the trend to slow down any time soon.

Google said that these hackers are getting even “more aggressive,” and at the same time more sites are letting their sites and content management systems become out of date, leaving themselves open to more security holes.

As an incentive to verify your site with Google Search Console, one data point that is key is that “84% [of] webmasters who do apply for reconsideration are successful in cleaning their sites.” Of course, those that do take the time to verify their sites with Search Console are also more likely to care about their outdated CMS package.

Google does try to warn all webmasters that their sites were hacked but said “61% of webmasters who were hacked never received a notification from Google that their site was infected because their sites weren’t verified in Search Console.” So verify your site; it is free and useful.

Google then documented three common hacks and how to clean up such hacks:

Gibberish Hack: The gibberish hack automatically creates many pages with non-sensical sentences filled with keywords on the target site. Hackers do this so the hacked pages show up in Google Search. Then, when people try to visit these pages, they’ll be redirected to an unrelated page, like a porn site. Learn more on how to fix this type of hack.
Japanese Keywords Hack: The Japanese keywords hack typically creates new pages with Japanese text on the target site in randomly generated directory names. These pages are monetized using affiliate links to stores selling fake brand merchandise and then shown in Google search. Sometimes the accounts of the hackers get added in Search Console as site owners. Learn more on how to fix this type of hack.
Cloaked Keywords Hack: The cloaked keywords and link hack automatically creates many pages with non-sensical sentence, links, and images. These pages sometimes contain basic template elements from the original site, so at first glance, the pages might look like normal parts of the target site until you read the content. In this type of attack, hackers usually use cloaking techniques to hide the malicious content and make the injected page appear as part of the original site or a 404 error page. Learn more on how to fix this type of hack.

For more details, see the Google Webmaster blog.