Matt Cutts, the head of Google’s Web spam team, has announced on his Twitter account that the company has notified 20,000 Web site owners that their sites may have been compromised.
“We encourage you to investigate this matter in order to protect your visitors. If your site was compromised, it’s important to not only remove the malicious (and usually hidden) content from your pages, but also to identify and fix the vulnerability. A good first step may be to contact your web host’s technical support for assistance. It’s also important to make sure that your website’s software is up-to-date with the latest security updates and patches,” they conclude and offer a link to instructions on how to go about the cleaning.
Webmasters often don’t notice that their site has been compromised because the malicious redirects are triggered only when a visitors comes to the site by clicking on the results of a Google search – something that site owners or operators never do.