At the risk of starting something...
Looking at all the attacked sites I could and reading all the threads I could find and trying to reproduce the problem, I've come to the conclusion 2.8.4 is secure from this. It seems the auto upgrade of the blog software or plugin upgrades are exposing this hack.
So -has anyone else done tests to see if 2.8.4 is secure?
I only have 2 shared servers to work with.
edit - I've delved into the logs on my busiest site with 2.8.4 - there have been 64 likely hack attempts without success