It’s a tough job to run a website with a certain amount of traffic: it’s a permanent work and day and night (night for the paranoiac!) you must be sure the site is ok. And every morning, same fear and question: is the website still okay?
I took a 2-day break last Thurday and Friday, and Saturday morning I discovered that Geeks3D has been hacked (see some feedbacks here)… no rest for us poor webmasters!
All conditions for a hacking were satisfied: webmaster away and known security issues present!
I think the hacker (certainly a script-kiddie) has exploited one of the security holes of WordPress engine prior to version 3.0.4.
I found and removed the malicious code (available only on the front page), changed all passwords and of course applied the last WP 3.0.4 patch. Hope that will be enough…
I was a bit tired when WP update has been released and as you can see, there’s no mercy for the lazy webmaster…
And thank you guys for all your feedbacks (comments and emails)!