Well actually, it was my site that got hacked by some happy joy-killers in Russia. A couple months ago, I tried pulling up my site from a friend’s house when his Windows Live OneCare jumped into the middle of the screen to say my site had a Trojan virus.
WTF? I thought. Not possible.
It took another month or so before I was able to figure out that folks in Russia had exploited the ability to upload photos in my Coppermine directory to drop veiled code in several spots throughout my WordPress templates and style sheets. They used a java script code called unescape that basically takes a Web address like hackme.russia/stealmydata.i’madumbass/takemycarkeys,too and scrambles it into a mish-mash of unintelligible symbols and random letters.
So there it was, all over my site, and I didn’t even know it. Thankfully, I learned. I deleted Coppermine, changed the permissions on every single file and directory on my site to read-only and changed my passwords.
Since all this went down, Google has gotten involved, red-flagging my site via stopbadware.org (props to them, by the way, for trying to eliminate this kind of stuff). I’m now awaiting a review from Google after having followed their instructions to sanitize my site. So if you’ve been caught in all this stuff, my apologies. And, I should note, lesson learned on my part.