A couple of times this week people pinged me to say their browser was reporting my site as a phisher like this. I thought little of it since we’d been hacked before on Dreamhost and WordPress and asssumed we had got on a blacklist somewhere. I rechecked the site, couldn’t find anything, and reported it as an error.
Last night though I found that my twitter bot, CharBotGreen had been suspended as a phisher, and tonight I find I’ve been suspended from twitter too. This is a bit of a blow, and the cause in both cases seems to be that I linked to my blog.
Using Google webmaster tools I discovered that several pages had links to viagra etc pages on them, invisible except in the source, with html inserted through the header php. Firefox and Safari made it difficult to find this out by inserting buggy ‘this is a phisher’ text (with broken links) over the source as well as the page itself.
I’ve now moved off Dreamhost completely – though it might have been simply that I had not updated WordPress enough. I’m on wordpress.com now, so I hope that’ll remove this riskiness.
The whole episode has made me rather depressed. Google has basically killed my online identity. I’m on various lists asking to be taken off, but there’s been no movement since last night, and I had no warning. It seems that there’s a blacklist being used in both cases, not competely sure what it is yet.
Anyway, if it happens to you, take it seriously and deal with it as soon as you can.
Update: I’m actually not on google’s suspended list any more. Hurrah! But still no Twitter. Guess it’s time to move to Identica with that and the madness of #fixreplies. Meh!
2nd Update: I got my Twitter account back this morning (2nd June, 3 days later). CharBotGreen is still suspended.
Useful links:
Google – My Site’s been hacked
Google webmaster tools
Google apps admin page: Google MX Records
PlanB 
Sorry to read this. Interestingly, I just had a very similar adventure, but am not back in Google’s good graces yet. How did you achieve it?
Ah poor you, Hugo – I just used Google webmaster tools to register my domain and then once verified you can request a review which for me happened over night.
My wife’s wordpress (as a CMS, self hosted) site got hacked, 18 Hrs after I set it up. some vuln in atom.php script, allowed write acess to the file system. allowed the hacker to add hard links to the header.php files for every theme, which in this case included a link to an infected PDF, which somehow blew straigh through firefox Popup blocker and macfee (upto date at the time)
Fortunatly a friend reported it to me, within a few hours, and we managed to keep it off the badboy radar
Well, it took 4 days, but I’m back on the Web map. Woohoo.
@hugo yay! and I’m back on twitter, though CharBotGreen is still MIA.
Bloody hell…
Any suggestions to make WP installs more secure on hosted domains? Might be worth pinging your host to see if they are aware and need to tighten up their end. I seem to have had problems with write permissions and WP working at all, so I’d like to know if I’ve left myself open to being a phish supporter…