I would dearly love to see functionality that would help identify malware.
I haven't been able to determine whether the vulnerability comes from my host, my administrative password, or a WordPress software exploit.
I also haven't been able to track down the wp_footer() vulnerability. I can't even find the damn wp_footer() function! All I know is that the spam insertion occurred after <div id="_wp_footer"> on the blog's index page and that deleting the call to wp_footer() in footer.php has cleared up this particular problem this particular time.
It would be very useful if a function was added to the admin functionality, and a table added to the database, that would run, store and compare checksums of all the software files. Then I'd be able to nail the infection site by looking for checksum changes.
Is there any hope for this? I've just spent two hours - mostly just looking for where the damn wp_footer() function is defined! - patching over this insertion.
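
The checksum baseline asked for above, as an added example that is not part of the original post and not WordPress code: it hashes every file under a directory with SHA-256, stores the digests in a table, and on a later run reports added, removed and modified files. The table name `file_checksums`, the function names and the use of SQLite are assumptions made for illustration.

```python
import hashlib
import os
import sqlite3

def hash_file(path):
    """Return the SHA-256 hex digest of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def scan(root):
    """Map each regular file's path (relative to root) to its digest."""
    sums = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # do not follow links out of the tree
            sums[os.path.relpath(full, root)] = hash_file(full)
    return sums

def save_baseline(db, sums):
    """Replace the stored baseline with the given checksums."""
    db.execute("CREATE TABLE IF NOT EXISTS file_checksums "
               "(path TEXT PRIMARY KEY, sha256 TEXT NOT NULL)")
    db.execute("DELETE FROM file_checksums")
    db.executemany("INSERT INTO file_checksums VALUES (?, ?)", sums.items())
    db.commit()

def compare(db, sums):
    """Return sorted (added, removed, modified) paths versus the baseline."""
    old = dict(db.execute("SELECT path, sha256 FROM file_checksums"))
    added = sorted(set(sums) - set(old))
    removed = sorted(set(old) - set(sums))
    modified = sorted(p for p in sums if p in old and sums[p] != old[p])
    return added, removed, modified

if __name__ == "__main__":
    import sys
    root, db_path, mode = sys.argv[1:4]  # mode: "baseline" or "check"
    db = sqlite3.connect(db_path)
    if mode == "baseline":
        save_baseline(db, scan(root))
    else:
        for label, paths in zip(("added", "removed", "modified"), compare(db, scan(root))):
            for p in paths:
                print(label, p)
```

Keep the baseline database outside the web root, or on read-only media, so that whoever altered the files cannot also rewrite the stored checksums. Because wp_footer() only fires the wp_footer action, the inserted markup can come from any theme or plugin file hooked to it, which is the kind of changed file this comparison surfaces.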