It appears that someone was able to hack either my web server or my WordPress installation. I am in the process of changing passwords, backing up the database, and then reinstalling WordPress. Please be patient if you run into any delays or unavailability of the site for the next few hours (hopefully less).

Charles

Update: I’ve finished the re-install, password changes, and a change to the web server’s PHP configuration that will at least stop the specific type of code injection that occurred from being able to work, should it happen again. If you experience any misbehavior of this blog, including pop-up/under adverts or unrequested page redirection, please let me know via my contact page or a comment on this post.

Update 2: Checking my anti-virus software logs, I see that it blocked a URL with the ‘TR/Dropper.Gen’ virus. If you suffered any of the page redirection and/or pop-up/under page symptoms from my blog when it was hacked, please check your anti-virus software to confirm that it blocked it, or else I suggest you do a virus scan ASAP, just in case.

Update 3: (2011-10-08 11:40pm EDT) I have completely reinstalled WordPress, reloaded the DB data, and — most important — created and executed a PHP script that searched through every PHP file on my site looking for the offending code injection and removing it (even though in theory it should no longer be able to execute due to some changes I made in the site’s PHP configuration). So, for now, hopefully I’m safe for awhile. FWIW, it would appear this may have been a security breach on my web host, rather than a WordPress-specific exploit.