Looks like the so-called hacking “attempt” on my site a few days ago was successful after all. I thought I had pulled the plug on the hacker by removing the PHP-infested comments they had posted, but it looks like the damage was done as soon as they posted the comment. By posting comments with certain PHP-commands, they were able to upload PHP Shell, a tool you can use to execute commands on a remote web server, even if you can’t have normal telnet-access. Bad.

Anyways, it’s now time for some damage control. All passwords will be changed, PHP Shell will be deleted – that’s a shock. In this process, the site might become a little unstable and throw all kinds of error messages at you.

Thanks to JW for informing me about the successful hack and bradc for issuing a fix. If you are using Greymatter, have a look and close the hole.