0 SHARES Facebook Twitter

A few days ago someone contacted us asking for help to clean up their site. They got hacked and the attacker added a bunch of spam links to it.

We fixed it for them and we decided to search for more sites that were also infected. Our surprise: One of Walmart official web sites, www.walmartcommunity.com (for their Community Action Network) was one of the first results.

If you look at their source page you will see all the spam links:

Checking their site with our malware scanner we noticed that all their pages have these spam entries:



It means that the attackers probably injected the spam in one of their templates files. After a bit of search, we found all of them inside the footer.php:

We tried to contact them, but only got their automated response (web site help), so hopefully with this post they will fix it. They are running WordPress 2.8.4, which is not that old, so I am assuming they got hacked via stolen FTP/SSH credentials or something like that.

As always, if you need help to recover from a malware/hacking attack or need someone to monitor your web site for these issues, visit http://sucuri.net or just send us an email at contact@sucuri.net.