Some time ago, my blog was haked. The hack was a pretty benign hack and would be very easy to miss. The hacker changed the URL for the W3C validator (I show the icon in the footer of my blog). I fixed the problem and, for a long time, I have not noticed anything further. Today, I checked the validator icon for CSS validation and found that the URL to the W3C validator had been changed again! (1) shows the correct URL; (2) shows the changed URL (which changes with successive clicks on the CSS icon; (3) shows the footer.php code as it should be; (4) shows the hacked footer.php code. The URL in the footer.php file has been changed to this code: href="<?=@get_wp_results();?>". My footer permissions is set to 644 and I have changed my FTP password. So far, to my knowledge, I have not been hacked at any other site except my WordPress blog. Any suggestions? I am almost ready to completely install a new default WordPress blog, which would be a great deal of work.
(1)
Validate <abbr title="Cascading Style Sheets">CSS</abbr>
(2)
Validate <abbr title="Cascading Style Sheets">CSS</abbr>
(3)
Validate <abbr title="Cascading Style Sheets">CSS</abbr>
