Japanese Keyword Hack Malware Removal Guide

By October 8, 2021 No Comments

Japanese Keyword Hack Malware Removal Guide

Blog by Darath Leon | October 8, 2021

We have been receiving phone calls regarding websites being infected with the Japanese Keyword Hack, and requesting our services to remove it and restore their Google rankings.

This virus is not only an aesthetic nuisance to your interface, but affects your search rankings because these low quality, foreign language pages get indexed under your URL and wreak havoc to your SERP profile.

Japanese Keyword Spam in WordPress

This has been our process for identification and removal of this sneaky virus.

First off, to confirm that your website has the Japanese Keyword Hack, run a site search (site:_your site url_) on Google first.

View in Google Search Results

search results appearance Japanese keyword hack

View on WordPress Login Page

wordpress login page view Japanese keyword hack

Commonly Infected Files

  1. index.php
  2. wp-load.php
  3. 404.php
  4. view.php
  5. .htaccess

Preventative Steps to Implement

  1. Make sure weekly backups of the site are enabled.
  2. Have a comprehensive WP security solution installed and configured for weekly scanning.
  3. Remove any unrecognized users from WordPress, and even ex-team members, or even current team members who don’t require regular access.
  4. Remove the same users as above (in #3) from Google Search Console.
  5. Check for any plugin updates or vulnerabilities that need to be updated.
  6. Check for any unrecognized changes on cPanel affecting the .htaccess, WordPress theme, and index.php files.
  7. Check for any mobile usability issues reported on Search Console.

If Infected, Make the Following Immediate Fixes

  1. Replace site files with the latest backup from the previous week, or replace the index.php, .htaccess, and theme files with fresh copies from the most recent backup.
  2. Remove unrecognized users from WordPress.
  3. Remove unrecognized users from Search Console.

After Infection is Removed, Make the Following Changes

  1. Change WordPress login.
  2. Change cPanel login.
  3. Update any vulnerable plugins.
  4. Make sure a comprehensive WP security solution is installed and automatic scanning enabled.
  5. Re-submit website sitemap.xml file on Search Console.
  6. Submit any 404 pages still showing Japanese code on search results to Google search removal request tool on Search Console.

It typically takes 1 to 4 weeks for the Japanese characters pages to fall out of the search index after we’ve completed our removal protocol. Obviously, the sooner this hack is addressed and properly dealt with, the better for your website and business.

In this age where website cybersecurity is more crucial than ever, please give us a call if you have any questions.