• I was running the newest version of WordPress as of Sept. 01 and I got hacked with the eval hack..

    So I just wanted everyone to know.. even if you have a SOMEWHAT new install.. UPGRADE NOW!!!

    Now I have to go through the mess of cleaning it up, because I would prefer to NOT reinstall

Viewing 6 replies - 1 through 6 (of 6 total)
  • Did you install any new theme? Some themes contain eval functions..

    I have also seen some WordPress sites that were upgraded after being hacked, but didn’t notice it until after the upgrade. And incorrectly assumed they were hacked while running the newer or latest WP version.

    It can be quite subtle if you are not looking for it.

    Thread Starter lindsayanng

    (@lindsayanng)

    No.. this was definitely a hack.

    NOTHING on the website was changed in MONTHS.. not even new plugins!

    This hack screwed up my stylesheet, which means that I would have noticed it the DAY they hacked it.

    I log into this blog about once a week if not more often, so I am 99% sure that this blog was hacked by the most recent eval script while running an updated install of WordPress

    Also, a backup dated Sept. 04 was clean and that is what cleared me of the hack

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    NOTHING on the website was changed in MONTHS.. not even new plugins!

    Ask your host for access logs. You were hacked alright but nothing you’ve posted shows how.

    If these past few days have shown anything at all, it’s that vulnerable versions get attacked quickly. I don’t think 2.8.4 is the culprit (lack of proof is not proof) but if you don’t identify the entry point, the bad guys will be back.

    Thread Starter lindsayanng

    (@lindsayanng)

    Well, that was the project last night.. I went through weeks' worth of access logs and didn't find anything.

    I also know that it WAS WordPress that was the culprit because I have an e-commerce store and a portfolio on that website, and none of those were touched.

    Perhaps the issue is a little closer to home. Could it be residual fallout from any of this:

    https://www.bscphoto.com/blog/?p=937

    Or, thinking along the same lines as adiant… you were at version 2.8.2 on Aug 8th, the 2.8.3 security release update was issued on 08/03, and 2.8.4 released on 08/11. Maybe you have been hacked for a while, and just hadn’t caught any outward signs. When you say the backup was clean, is that indicative of the database as well?

  • The topic ‘HACKED on a newer version of wordpress’ is closed to new replies.