It’s never a good sign to see foreign language text on your website, especially if you don’t remember placing it there. If you are seeing Japanese phrases and words in Google search results for your web pages, it’s a telltale sign your website is infected with a Japanese keyword hack (also called Japanese SEO spam). Hackers inject malicious links into your website’s source code or core files to repurpose your web pages as domains selling fake branded merchandise or illegal medications like Viagra, Cialis, etc.

The immediate consequences of the Japanese keyword hack include - seeing Japanese or Chinese characters on the site, the inability to manually remove the spam URLs from being visible on the site, misleading website redirects, pages showing ‘Error 404’ for no reason, to name a few. This eventually negatively impacts your SEO rankings on search engines like Google as site visitors are either duped through the external links or are displeased with the outlook. Once Google’s crawlers identify your website to be misleading or infected with malware, it blacklists your website and drops all your SEO rankings to safeguard others.

How do you confirm that you’ve been hit by the Japanese keyword hack
Since this kind of hack is pretty serious and messes with the core files and the database of your site, a quick and effective clean-up is the solution of the moment. However, to make sure that you’ve been affected by the hack, here are a couple of steps you can follow:

1. Google search your site
Sometimes, there are only some pages on your website that have been affected by SEO spam, in which case, the Google search engine can help you. Type in the root URL of your site and all of the indexed pages of the site will be made visible, including the hacked versions. You can go through the visible search results and check out what looks suspicious, such as titles of the webpage or any descriptions given in the Japanese language, which will be a solid indicator of you being hacked.

2. Scanning your site
Whenever you’ve suspicions that your site is behaving weirdly or get complaints from your regular visitors, the most concrete step you can take is to run a scan of the entire website, inclusive of all the files, folders, content, extensions, web hosting platform, different pages, etc, with a malware scanner tool. The following image depicts Japanese SEO spam detected by Astra Security’s malware scanner:

3. Check Google Search Console
This is also a good way of finding out the hacked content on your site, considering you have registered your site on the Search Console. There are multiple benefits to this, including an important one that provides you immediate notifications via email and alerts you to possible hacking attempts, such as this scenario. Under Search Console, there’s an option named ‘Security Issues’ that provides details of any hack that takes place on your details and at times lets you know of the infected indexed pages.

4. Use ‘fetch’ to work against cloaking attempts
Hackers usually use the cloaking technique to show different URLs than the actual ones and even manipulate the original content visible to the site visitors or the search engines. Even you, as the site’s owner, maybe shown manipulated content or empty pages with ‘Error 404’ when this is not the actual scenario. Here, the ‘fetch as Google’ tool will help in showing what’s actually happened and the hacking details instead of misleading error pages. Resolving the Japanese keyword hack After you’ve detected and confirmed the issue, let’s get to the fixing part. Here’s a couple of general steps that may help in the resolution:

Also read about: 6 Things You Need to Know Before Your Agile Transformation with Safe

Back-up first, since it determines how fast you get back on track for your regular visitors without wasting time to set the website to its original version. Usually, it is always recommended that backups be taken frequently so that clean versions of the site are available for restoration purposes in case a situation like this arises.

Google Search Console provides the sitemaps, and you can delete the ones that haven’t been provided by you, under the ‘sitemaps’ option. Remove any suspicious accounts added on the search console, if any.

For your WordPress site, verify the ht access file under the root directory by using the Hosting Panel file manager option.

Replace all core files to be on the safe side and upload new versions from the repository, which will remove any hacks or malware infections rooted in these - check recently modified files as well while you’re on this step. This is inclusive of all extensions, themes, plugins, etc. Hackers are particularly fond of messing with important files like ‘wp-config.php’, so this is a safe step. Also, check the uploads directory for suspicious files that have extensions like ‘.php’, ‘.js’, etc.

These are only a few steps that need to be followed for resolving the Japanese keyword hacks, but more specific situations for different websites may require more steps that are more tailored to the situation.