For the Wordpress users out there, here are some links to information about ways in which WP has been exploited using iframe injection. Let me say first that it’s been happening to a lot of people, it’s been happening for a while, and from all my reading it seems nobody really knows exactly how it is happening. I’d also like to note that even people who have upgraded to the newest version have had it happen. I repeat: even people using the very latest version have experienced it. It appears to be a problem with having registered users and/or the xmlrpc.php.

iframe injection problem?

wp-stats[1].htm Downloader Virus

An Old WordPress Version Can Get You Banned In Google

There’s more out there to be found on this, but these posts and threads are the ones supplying the most information about how to fix it and what it is. If anyone has any questions, I might be able to answer them.

When I get back from the store, I’ll be doing some thinking about what to do with my web site. I hadn’t planned to do anything drastic with it, but the situation has changed. Now it looks like I either need to upgrade to the newest version of WP, which is still having problems and which has an admin interface I hate, or switch to something else, which just sucks. There’s sure to be at least one whining post today about it.

And thanks again to Ekim for bringing the virus thing to my attention. I’m on a Mac. I wouldn’t have noticed, it would have rolled off the front page, and shortly Google would have banned me for having a web site that infects people’s computers with a virus … and I wouldn’t have known I was doing such a horrible thing. I am so incredibly sorry if anyone had any computer problems caused by my web site being hacked. I feel awful and sad about it. I am so, so sorry.