How to Recover Website from Japanese Keyword Hack in Google Search?

How to Recover Website from Japanese Keyword Hack in Google Search?

One of our websites was hit by the Japanese keyword hacks. Hacker injected malicious content and file into the Webhosting and manipulates your Google Search result for your website.

If you do the Google search for that website, you can see the malicious link with Japanese/Chinese keywords ranking on Google Search..

Open web browser and do a Google search.

site:example.com

Result for hacked website:

hacked site Japanese keyword in Google Search

Caution: This is very much bothering and it can harm your website SEO. In fact, if you don’t act immediately, Google even can blacklist your website.

The only way is to ACT NOW!

There are three steps involved to recover website from Japanese keyword hack.

  • Recover and remove all the malicious code from the website.
  • Ask Google to crawl your website again after removing all the malicious code.
  • Remove Unwanted URLs from the Google Search.

Finally, I will also guide you how you can prevent such attacks in the future.

Let’s check one-by-one. Parallelly, you can also follow the steps and takes action to recover your hacked website.

Recover Website from Japanese Keyword Hack

Two ways you can recover your website.

Recover Old Backup

If you have a backup, you can recover your website. Many of the hosting providers provide the auto-backup and recovery option. Open your cPanel, and search for “Backup”. If you are not sure about it, you can contact your hosting provider.

With just one click you can recover your website. Make sure recovered backup is generated before website getting hacked.

This is the easiest way of recovering website.

If you don’t have backup available, you can remove the malicious contain manually. But for this, you need some basic understating about the code.

Remove Malicious and Unwanted Code from Website

Here are few steps you should follow.

  • Get access to your website files through the File Manager. Open cPanel and then select File Manager.
  • Check files index.php or .htaccess. If you see any unwanted code inside the file, you can comment it out or simply delete them.
  • For WordPress blog, reinstall WordPress. In Japanese keyword hack, usually, hackers modify the WordPress files. It will overwrite the WordPress file.

If you open any of the malicious links, it will be redirected to the Page Not Found page with 404 or 410 HTTP status.

Great! You have recovered your website. Now, you have to tell this to Google and ask to check your website.

Reindex Malicious Links from Google Search

Usually Google periodically crawl your website. This way, it will remove all the malicious link from Google Search. It may take few days to for Google to crawl your website. And it is not worth to wait for this.

After doing lot of research I found proven trick to force Google to crawl your website.

Create a Sitemap with all Malicious Links

You need couple of Google chrome plugins to get all the malicious links. (All these plugins are FREE.)

Open in the chrome browser and search.

site:example.com

(Replace example.com with your website domain.)

Infinite scroll plugin allows you to scroll till the end. After scrolling to the bottom of the Google search, extract all the links using the Link Klipper plugin.

It will download one txt file which will contains the list of all the indexed URLs.

This will include your website links as well as some other website links. You have to filter out the URLs by remove other website links. Doing it manually is a very time consuming and tedious job.

I have written small Python script to automate this job.

Replace URL of your website home page for website_url.

website_url ="https://example.com"

with open("www.google.com_2nd_Jan_2021.txt") as fd:
	data = fd.readlines()

new_list = []

for line in data:
    if line.startswith(website_url):
        new_list.append(line)


with open("sitemap_remove.txt", "w+") as fd:
	#fd.write(str(new_list))
    fd.write(''.join(new_list))

Save this code as Python script (says sitemap_generator.py) in the same directory/folder where you have downloaded the URL file.

Run Python script.

python sitemap_generator.py

If you are not familiar with Python, here you can check the steps to execute the Python script.

It will create new sitemap file as sitemap_remove.txt.

Submit Sitemap to Google Search Console

First of all, upload the new sitemap file on your webhosting home directory.

generate and upload sitemap for website

Now open the below URL in web browser to check if the sitemap is accessible.

http://example.com/sitemap_remove.txt

Note: Replace example.com with your domain.

You will see the list of URLs that we want Google to recrawl.

Let’s ask Google to recrawl website to Bulk Remove all Unwanted Links from Google Search.

  • Open Google Search Console.
  • Select “Sitemap” from the left dashboard menu.
  • Click on “Add a new sitemap”.
  • Provide a new sitemap link and submit.
submit sitemap to Google Search Console

This way Google will check all the links in the sitemap and will recrawl it to index.

While recrawling these URLs, Goggle will get a response 404/410 for all malicious links. These links will be removed from Google Search.

It will take a couple of days. Wait and watch.

Remove Specific URLs from Google Search

You can also ask Google to remove particular URL.

  • Open Google Search Console.
  • Select “Remove” from the left dashboard menu.
  • Click on “NEW REQUEST”.
remove URL from GSC

You can either submit individual URL or you can also target all the URL with specific prefix.

In this case, I found many of the URLs start with prefix “content-“. It will remove all the web pages start with prefix “content-“.

This is faster than the sitemap submission procedure. But, if you have tones of malicious links, it is very tedious to remove each individual link.

How to Prevent Such Attacks?

Here are some precautionary steps you should follow to prevent such attacks in future.

  • Change and keep a strong password for all your logins like cPanel, WordPress login, etc.
  • In the case of a WordPress blog, renew WordPress files, update all the plugins and themes immediately. Hackers usually target old version plugins and themes.
  • If you are using any WordPress plugin outside of WordPress’s official repository, update the plugin manually.
  • On the internet, no one can give you a 100% guarantee that your website will not be hacked in the future. Take a regular backup of your website. Anything goes wrong in the future, you can always recover the old backup.

Hope you find this detailed guide helpful to recover website from Japanese keyword hack in Google Search. If you have any doubt or question to ask me, let’s connect in the comment section. I will try my best to help you. See you!

7 Comments

  1. Hi, Please help me. All problems solved but “Create a Sitemap with all Malicious Links” I can not working this method.

    1. Hi Pearce,

      Not sure what problem you are facing. I’m using Python script to copy and filter out all the malicious links from the browser. If you are not familiar with the coding, you can do it manually. The rest of the things are well explained. Kindly let me know if you are not sure about any of the steps mentioned above.

  2. Great article, but after 5 months my ranking still suffering and I have a real mess in GSC(webmaster tools), GSC still shows me 32k of unindexed pages. I think this kind of hack is the worst type of hack for our ranking in SERP.

  3. Hello Aniruddha,

    I am facing similar issue with my site:silstonegroup.com. you can check. Are you free to solve this if yes please connect on my email id.

  4. Bro my site got hacked last 22 October 2022 by Japanese keywords. I have removed all spam links (site: URL) links. But Serpkey searches only four keywords. If you update a new post, you can not find it by searching on Google. All old keywords lose rank. I am in great danger. Wondering how many months to wait to bring back the rank?

Leave a Reply

Your email address will not be published. Required fields are marked *