Google posted on the their security blog that they have a new type of violation notice for webmasters, “Repeat Offenders”. This is aimed at websites that repeatedly switch between compliant and policy-violating behavior. The easiest way to think about this is that Google wants to catch the repeat hacked sites. Some sites will post maliscious content and when Google labels them as a threat to vistors they will remove the threat. When Google gives the all clear, the maliscious content comes back.
Sites that repeatedly switch between compliant and noncompliant behavior within a short window of time will be classified as Repeat Offenders.
When a site is established as a Repeat Offender, the webmaster will be notified via email to their registered Search Console email address. Once Safe Browsing has designated a site as a Repeat Offender, the webmaster will be unable to request additional reviews via the Search Console. Repeat Offender status persists for 30 days, after which the webmaster will be able to request a review.
What does this mean to the average website owner though? Google says this will not effect hacked sites. If your site is hacked and cleaned up, but gets hacked again. It’s possible that this could hit your site with a 30 day penalty. They might have some magic algorithum that will know your site is hacked, and not someone who post malware purposely. If it did mistakenly catch your site, your webmaster would have to wait a full 30 days before applying to Google to remove the notice.
It will be even more important to hire an expert to clean up your hacked site now. Not only clean up the hacked content, but also put some security in place to protect from a repeat website hack.