I had my WOrdpress site up for less than 1 week when this low-life hacked it. This time, instead of injecting a script into the database, he modified the theme.
As I was new to wordpress, I had just accepted the default theme of twentyeleven. he replaced the header.php file with a simple ‘hacked by Hmei7’ message. As soon as I deactivated that theme, problem went away.
I’ve changed the passwords using cPanel and all seems okay. (they were ‘medium’ now they are ‘strong’) But I’ve started backing up everything and am grep’ing through stuff looking for any other hack/backdoor/code that doesn’t belong.
Some kids should have been disciplined more by their parents.
