If you’re using WordPress or Joomla as your platform of choice, you’ve probably come across the term “pharma hack.” In its current form, the pharma hack is an exploit that targets any vulnerabilities WordPress and Joomla documents might have.
Google ranks websites according to the number of quality links they receive from other sites. The main point of the pharma hack is to sneak in a code into your website. The code has back-links to pharmaceutical websites. It aims to place these pharmaceutical websites higher on Google. This is why it is called pharma hack.
The pharma hack doesn’t affect the actual content of the compromised website, so it can be hard to detect. All this hack really does is insert the rogue files into a victim’s website and creates a back link to the hacker’s site. Provided enough websites are hacked this way, the hacker’s site will enjoy a tremendous boost in Google rankings.
Pharma-Hackers and Hosting Servers
Web hosting companies may shut down your website if they realised that it is hacked. There are numerous reasons why a hosting provider might choose to take action against hacked websites. In addition to the more benign offenses such as sending spam mail, a hacked website can be used to launch a DDoS attack on another website hosted on the same server. In case you’re unfamiliar with the term, a DDoS (or Distributed Denial of Service) is a type of DoS attack which targets a single system via a number of malware-infested systems. A large-scale DDoS attack could result in the entire shared hosting server going down. Furthermore, a pharma-hacker can use ransomware software to shut a website down until they get the ransom.
Fortunately, most of these problems are still theoretical. Up until now, no pharma hacks were used to inflict any of these issues to a hosting server.
Attacks of this kind can happen on your website no matter how well you defend your site against malware. This is why it is important you host your site with a reputable web hosting provider who can be contacted by phone, email or chat. Check their About Us and Contact Us pages and ensure that there is a clear and concise process for communicating and resolving technical issues.
The 3 Aspects of the Pharma Hack
The main advantage of the pharma hack is that it’s only visible to search engines. The displayed pages stay the same, which means you won’t be able to detect the exploit simply by looking at the HTML source. Much like the other exploits of its kind, the pharma hack is able to identify and hijack all your high-ranking pages without drawing any attention to itself. Basically, we’re talking about an absolute nightmare for unsuspecting webmasters who have worked hard to optimise their pages and drive organic traffic to them.
Another interesting aspect of this exploit is just how self-contained it is. Though it has to plant malicious files in your WordPress or Joomla folders in order to be effective, the pharma hack is able to disguise itself in a very effective manner. In general, this exploit targets the plugins folder. If the order of the strings is reversed, the malicious files are able to hide in the rest of the database. Once it’s activated, the exploit pings Google to discover how many links a particular page contains. If your site is a desirable enough target, the chances of it being hacked become pretty high.
Finally, the pharma hack only targets the most popular pages on your website. If a certain page doesn’t draw enough traffic, the exploit will simply leave it alone and focus on the bigger prey. As far as these exploits go, this is certainly one of the pickier ones.
This article was put together using information provided by Webhostingology, a New York based web hosting publisher.