This showed up at the bottom of my WordPress page... it was in the index.php of the themes at the very end. Replacing < and > with [ and ]
This was also added in to show up after a search of the site showed no results:
[a href="http://raptorx30.abdon-location.com/" class=giepoaytr title="RaptorX30"]RaptorX30[/a]
The site would try to load some kind of activex if you came at it in internet explorer.
Has anyone else seen this? none of the other sites on my server appear to have problems and i havent seen any modifications anywhere else in the site in question, which would lead me to assume it was some kind of vulnarability with the blog itself rather than my password being cracked.
I am using 188.8.131.52 so I probably need to update to 1.5.2... but before I start going nuts and locking all my systems down and changing already very complicated passwords I want to check and see if this is a known issue with the version I'm running.
Thanks for your help!