Banana Munki

My website was hacked. A piece of code generating an invisible iframe linking to a website containing badware had been inserted into some files. I figured it out after I attempted to access my website using Firefox which warned me that the website I was trying to view was hosting files that could be harmful to my computer and gave the choice to either get me out of there or ignore the warning.

You can guess how fun that was.

I do regularlly backups so nothing was lost but I, being the busy full-time mother I am; had to change passes, create a new database and do a clean install of WordPress as well as do some reading and tweaking on how to secure a WP installation.

I found the code, that looked something like this:

It was inserted in the current theme in files such as the footer.php and the header.php as well as all index.php files in my installation of WordPress: /wp-admin/index.php, /wp-content/plugins/index.php, and so on. Also in these: /wp-includes/default-widgets.php and /wp-includes/default-filters.php.

Having done the best I (currently) know how to make my website more secure I requested a review of my website by Google through Webmaster Tools and since I now am able to access my website without any warnings it validates (I’ve rid the badware) and hopefully prevented further intrusion.

UPDATE–
Googling the issue I found the suggestion that a virus enters your computer through a torrent program and gets access to a website when you use an FTP program. I use uTorrent and FileZilla so I don’t smash that theory.