Manipur Govt website infected with Japanese Keyword Hack malware

Tech Morung

The official website of Manipur Govt., https://manipur.gov.in is currently infected with ‘Japanese Keyword Hack’ malware. More than 260 pages of the website have been injected with Japanese Keywords in the title and the meta descriptions. And as a result, the website is showing up with Japanese titles and descriptions.

Here’s a quick look at how it’s appearing on Google search. Visit Google and type Site:manipur.gov.in (this is to show the list of pages appearing on Google for a particular website).

Manipur Govt Website

We ran a Google translate for the first three pages as appeared on the search page above. And here’s what it shows. As you can see from the above translations, the keywords are unrelated to the Manipur Govt website.

Japanese Keyword Hack 1536x1108 1

We also ran a quick scan at Sucuri (a well-known website security service) and found that the official website of Manipur Govt is indeed infected with Japanese Keyword Hack malware.

Manipur Govt website hacked 1536x703 1

What is Japanese SEO Hacking?

The Japanese keyword hack is a dreaded malware infection wherein hackers inject spammy Japanese words into your website pages. The keywords are injected (as seen in the above Google translation image) into the site title and description, so as to hijack the search engine rankings.

This particular type of Blackhat SEO technique hijacks Google search results by displaying Japanese words in the title and description of the infected pages. Often different web pages are shown to search engines and normal visitors. This hacking is also commonly known as the “Japanese Keyword Hack“, “Japanese Search Spam” or the “Japanese SEO Spam”.

How hackers inject the malware?

There could be many ways as to how the website has been infected with the malware. The most common of them are:

  1. Outdated CMS version
  2. Third-party Plugins
  3. Enabled Directory browsing
  4. Improper File Permissions
  5. Pirated Plugins or Themes

Manipur Govt website is build using WordPress, the most used Content Management System (CMS) in the world. The website is currently using WordPress version 5.4, the latest version of WordPress is 5.6.1. As per the report, around 40% of all the websites in the world are made using WordPress. As such, WordPress websites are more prone to malware and hackings.

Effects of SEO Spam hack on the website

Like any SEO spam infection, delaying the cleanup of the Japanese keyword hack can have long-term consequences. This can result in

  • The website reputation gets damaged
  • Hosting gets suspended
  • Blacklisting by Google
malware

How To Fix Japanese Keyword Hack

There’s no hard and fast rule, and no one solution to fix the hack. It will always depend on case to case basis. However, in general, you need to check these steps.

1. Backup your site before cleaning

Before starting anything, it’s a good practice to have a backup of the website. So that, if anything goes wrong, it can be restored.

2. Remove any newly created user accounts in the Search Console

Check Google Search Console and see if there are any unknown users added that may have admin access to the website. If you find any, immediately revoke access.

3. Run a Malware Scan

Scan your website for malware and other malicious files from websites like Malcare or Sucuri. One can also check the ‘Virus Scanner’ tool in the cPanel provided by your web host, and also get in touch with the hosting provider.

4. Check  .htaccess file

Hackers often use the .htaccess file to redirect users & search engines to malicious pages. Verify the contents of the .htaccess file from the last known clean version of your backups. If you find any suspicious code, comment it out by putting the ‘#’ character in front of the rule.

5. Check the recently modified files

You can find any recently modified files by following these steps:
– Log in to your web server via SSH.
– Execute the following command to find the most modified files
find /path-of-www -type f -printf '%TY-%Tm-%Td %TT %p\n' | sort -r

6. Replace the core files, plugin files & theme files

Most of the hacking comes from outdated plugins and themes. Check for the themes and plugins one by one and replace the infected core files with the original versions of the same from WordPress.org. After downloading the fresh and updated versions of these files & directories, you can delete the older ones.

7. Check uploads directory

Check your wp-content/uploads directory for files with blacklisted extensions, like .php, .js and .ico. If you find such files, check the content for characters like base64_decode, rot13, eval, strrev, gzinflate, etc. Eliminate files all such files as they are can be malicious.

8. Check your sitemap

A hacker may have modified or added a new sitemap to index the Japanese SEO Spam pages quickly. If you notice any suspicious links in the sitemap, quickly update your CMS core files from a last known clean backup.

Another way to clean the malware is to make use of Instant WordPress Malware Removal Services. Services such as MalCare can scan every file and folder on the website within a few minutes, check for cloaking or disguised and hidden codes on your website. It helps detect any known or new malicious code.

What Should the Govt of Manipur do?

Manipur Govt., should right away get in touch with the developer of the website Rave Cyber Solutions Pvt Ltd (as given on the footer of the website) to get rid of the Japanese Keyword Hack at the earliest.

Govt of Manipur can also think about shifting from WordPress to NIC’s Content Management Framework (CMF) which handles most of the Govt of India’s Website.

How to prevent such Japanese Keyword Hack?

In order to prevent such malware attacks or hacking, it is important to keep the website up to date and check for security issues from time to time.

Another important way to remove or prevent such hacking is to have solid web hosting which provides fast and secure web hosting along with awesome customer support. We at TechMorung use A2Hosting for its awesome speed, security, and Customer support. It’s a highly recommended WordPress hosting

Here’s our site scan for malware and malicious codes. Thanks to A2Hosting for keeping us safe!

TechMorung Malware Scan

We also highly recommend WPX hosting for Managed WordPress Hosting. WPX Hosting is among the top Managed WordPress Hosting which not only prides itself as one of the Fastest WordPress Hosting but also one of the fastest and quickest customer support. And yes we can vouch for that.

Ps: TechMorung Studio also provides web designing and web maintenance services. Contact us at techmorung@gmail.com for more details.

TechMorung is proudly hosted on A2Hosting
Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *