This message is for gashannon…
Your WordPress Hit Counter becomes a Blogroll Online Gambling link when it is installed. Perhaps your plug-in was hacked? But someone needs to get it taken down. It was a meltdown for me on my client’s site yesterday.
I found this thread which proves it was the WP Hit Counter, it contains a number of people who experienced the exact same thing going back at least two weeks:
Maybe I was a little naive, but I thought if a plug-in came up from www.remarpro.com, that it would be fairly safe. Searching I believe for site counter, your plug-in was the first to come up.
I also should have known something was very wrong when the upzipped file had 1400 some files. But I was sleepy, installed it, it didn’t work, and it wasn’t til the next morning when I realized the hack. It had put the blogroll right where I tried to drag the WP Hit Counter, into the right sidebar area. Nothing had appeared at the time, but I almost had a heart attack when I saw the blogroll (I hadn’t had one previously) and the online gambling link. The client I am working is so non-web-design savvy, and paranoic, had I not caught it, I could have lost the gig.
I could not implement any of the other fixes suggested in the link above; they were way over my head. All I was able to do was to delete the plug-in, and go into the links section in wp-admin and delete the gambling link. But I am very paranoid about what else it could have done, or might do in the future — at least the much more knowledgeable people than thought there were all kinds of things that had to be done to really remove the hack. Got only knows that the 1400 files are doing!
I reported it to www.remarpro.com, but have not heard anything yet. PLEASE take down the plug-in until you can make it hack free. People will continue getting attacked until that happens.
Thanks for your time…
