Quote:
Originally Posted by wolferj  That's a bummer, hope it all works out. I'm not seeing anything out of the ordinary.
Should we change our access passwords or something like that as a precaution? |
I wouldn't worry about passwords. They are encrypted.
The hacker inserted his own adsense publisher code for the banner ads.
Even if I'd edit the template a cron job would change it back every 5 minutes.
I've managed to extract 1 row of a table from a backup earlier in the week.
Its a table that keeps track of plugins. I haven't added anything so it shouldn't have changed in several months.
The banner hasn't changed yet. There is a dot to the right of the banners to tell me that nothing has changed.
There is just one more thing I need to hunt down.
When I revert a template it reinserts the hackers code in the template.