WordPress hacked

Interesting that WordPress can be hacked.

Observations

• Blog infected with malware
• base64 decode in index.php
• FAQ
• identified as redirector.ji
• Identified as Trojan:JS/BlacoleRef.W

Research

• Google: base64 decode wordpress hacked site:dreamhost.com 
• Case study of website malware removal
• WordPress Directory and File Permissions

Tools

•  Securi Scan – shows if your site is infected and what it is infected with.
• Searching for backdoor on your server
• TroubleShooting hacked sites
• Example debug sequence

Procedures

• Site that includes steps taken to stop issues
• Looking at recent users