I have (at least) 4 installs that have been hacked, all on 2.5.1 (saudi lords, muslim protests, that kind of home page). All were relatively new (set up within the last 2-3 weeks), and hadn't really launched yet--was still playing with some theme/category stuff. Not the end of the world to delete them and start over.
I'm really concerned now about my other blogs, though. Any thoughts on what they might be doing, and how I can lock them down? Sorry if this is a repeat question--couldn't find anything looking like info on this kind of a hack, and I'm not a super tech savvy user.
Could it be some sort of a plugin hack that they're using? Unlike the couple of times I had a 2.3 or 2.5 hacked, in this case I could no longer log in at all--so they got all the way in this time.
Thanks for any help.