I am using WP 2.1.2 for two blogs, Reviews, and Process, at the http://www.memoirista.com website.
Last week the reviews blog was blocked because of extreme overuse. It's so inactive, with so little interest, that I couldn't imagine being slashdotted, so I investigated further.
A user calling himself WordPress, with a web site name of http://www.com, had obtained admin privileges (actually on both blogs). He had gone partway down the list of recent posts, and inserted code
<u style="display:none">. After that code there were pages and pages of links, starting with a "viagra" one.
Currently I've downgraded his privileges to "not on this blog" or subscriber only.
I've rescued my blogs from this kind of code problem - mesothelioa, etc. - in the header, footer, and sidebar. Never before in the post.
I did a search on the domain name, and have a user address and phone number, plus the hosting provider. I'm looking for recommendations on what to do next.