xkitSite: songthaimassage.com
Wordpress install using CPAnel
Hacked and vandalized on 2011-09-06 with "failroot" index.html homepage
Today I restored the previous index.php file and see now a flash page. So it appears that there is yet another hack, but within WordPress.
IIRC no WP plugins were installed.
In attempting to login to the wordpress.org forums, I was denied. My password had been reset by a third party and I had gotten email confirmation of this dated "Mon, Oct 31, 2011 at 1:49 AM". I didn't request that; someone else did. So today I re-registered for WordPress using a variant email address that GMail equates as the orignial but that wordpress sees as new (by using a "." in the middle of the email address (more: http://www.google.com/support/forum/p/gmail/thread?tid=5e9aa9a89a976338&hl=en))
I made songthaimassage for my friend, as a favor. I don't understand the motivation to hack it; seems at best to be a waste of time; at worst, an act of misguided hate. Nobody makes any money off of the site. I've been busy with other things and Song told me that he doesn't care.
But I care. How can I fix Song's site and keep it safe?
(I am on a Mac and I don't know if my machine itself has been compromised.)
