Colin Percival’s WordPress was hacked.
A few releases back, WordPress had a vulnerability that many spam injection … bastards … took advantage of. I am not too proud to admit that I was myself a victim of this vulnerability, even though I update pretty religiously to the latest release of WordPress.
I noticed over the past few weeks that even though I had updated to the latest WordPress release, which is supposed to be free of vulnerabilities, I was repeatedly having spam links injected into the footer.php file in my theme. Frustrated, I went to some of my friends on the WordPress team, and they pointed me at a great article from Donncha O Caoimh. Unfortunately for some who did upgrade, it was too late. The hacker slimeballs may have known about the security issues before we did and went about their merry way breaking into blogs and websites, grabbing usernames and passwords, and planting backdoor scripts to log them in again at a later date.
In this article, Donncha gives an extremely thorough and authoritative treatment of the problem. If you have been the victim of this nasty attack, or even if you don’t know whether you have, it would be worthwhile to review the article and see how your WordPress install stands up to the scrutiny suggested there.