If you are running a self-hosted WordPress blog, please upgrade your WordPress installation NOW.
This warning from Lorelle shows how critical the issue is.
According to Lorelle’s post, old WordPress installations are being attacked (as you read this), and the number grows by the hour. The current version for WordPress is 2.8.4. Check yours. If its not 2.8.4, you are at risk.
How do you know if you’ve been attacked?
Lorelle also mentions two clues:
There are two clues that your WordPress site has been attacked.
There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are â€œevalâ€ and â€œbase64_decode.â€
The second clue is that a â€œback doorâ€ was created by a â€œhiddenâ€ Administrator. Check your site users for â€œAdministrator (2)â€ or a name you do not recognize.
Attacked or not, upgrade. NOW.
Thanks Stefan, for the hat tip!