mr.kro0oz.305 is very prolific. google his name and you'll see many sites he's defaced. all i know is he logged into my website at 3am today using my admin login, and hours later the site was defaced. since he's so prolific, there must be some vulnerability he's utilizing. i was running the latest version of wordpress. they must have been a plugin that's responsible?