WordPress hacked – michael kors e-commerce site

Hello

sorry if it is not the proper place, but I want to share that my wordpress site has been hacked, 10th april 2014.

The result is :

– introduction of a few lines before the index.php (cf. below).
– creation of a subdirectory named blogs which contains html pages which are from the michael kors web site.

The created lines in index.php are :

[Code moderated. Please do not post hack code blocks in the forums. If absolutely necessary, use the pastebin]

When searching michael kors in the database, it finds instance in the comment tables, and the message part says “obfuscated script tags and XML wrapped HTML”, or “JavaScript with() ternary operators ans XML predicate attack, or “url injections and RFE attempsts”

Hope it helps, check this also on your sites…