What is hacking or hacked content?

Hacked content is any content that is placed on your site without your permission due to vulnerabilities in your site’s security. In order to protect our users and to maintain the integrity of our search results, Google tries its best to keep hacked content out of our search results. Hacked content gives our users results that are not useful and can potentially install malicious content on their machines. We recommend that you keep your site secure, and clean up hacked content when you find it.

Some examples of hacking include:

  • Injected content
    When hackers gain access to your website, they may try to inject malicious content into existing pages on your site. This often takes the form of malicious JavaScript injected directly into the site, or into iframes.

  • Added content
    Sometimes, due to security flaws, hackers are able to add new pages to your site that contain spammy or malicious content. These pages are often meant to manipulate search engines. Your existing pages may not show signs of hacking, but these newly-created pages could harm your site’s visitors or your performance in search results.

  • Hidden content
    Hackers may also try to subtly manipulate existing pages on your site. Their goal is to add content to your site that search engines can see but which may be harder for you and your users to spot. This can involve adding hidden links or hidden text to a page by using CSS or HTML, or it can involve more complex changes like cloaking.

If your site has been compromised and you need help cleaning up the hacked content, see our tips here. Remember, the most effective way to combat hacking is to prevent it from happening in the first place. Here are our tips on prevention.