
Wordpress blog hack rampage

I received an abnormally high number of signals and messages from people abandoning their Wordpress blogs because of their hacks, just like Fridaynite did.

It appears to me that simply because there are so many vulnerable Wordpress installations out there, it became a promising goal to hack Wordpress installs and

  • inject some HTML code (for links)
  • inject WHOLE POSTS into the wordpress archives (backdated)
  • put in some cookie-stuffing code to overwrite affiliate links’ credits

I’m very sure there are some blackhat tools out there to auto-search and auto-hack wordpress blogs… and if it’s not ready, it’s in the making… there’s gold to be made with this (illegal) tactic and Google is already aware of that, as Matt Cutts (Google’s “insider”) stated that

Matt Cutts wrote:

2008 will be the year that hacking and search engine optimization (SEO) collide in a major way.

Well, since I heard that Wordpress DOES NOT have a dedicated security team (like Drupal does, who “pester” me almost daily with their updates) I’m very happy having made the strategic decision for Drupal back in 2005 …

Anyway, what’s left to do is check thru all your wordpress installations on a regular basis and decide to

Which route will you take?
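
One way to run the regular check mentioned above, as an added example that is not part of the original post: it flags backdated posts by relying on `wp_posts.ID` auto-incrementing, and flags posts that carry links inside hidden elements. The sample rows, the 30-day tolerance and the hidden-style pattern are assumptions chosen for illustration.

```python
import re
from datetime import datetime

# Constructed sample rows shaped like the WordPress wp_posts columns
# (ID, post_date, post_content); not data from any real site.
SAMPLE_POSTS = [
    (101, "2007-11-02 09:15:00", "<p>Notes on theme upgrades.</p>"),
    (102, "2007-12-10 18:40:00", "<p>Holiday schedule.</p>"),
    (103, "2008-01-05 08:00:00",
     '<p>New year.</p><div style="display:none">'
     '<a href="http://example.invalid/x">pills</a></div>'),
    (104, "2006-03-14 12:00:00", "<p>Looks old, but the ID says otherwise.</p>"),
    (105, "2008-01-20 10:30:00", "<p>Plugin review.</p>"),
]

# Assumed heuristic: an element styled as invisible that is followed by a link.
HIDDEN_LINK = re.compile(
    r'<\w+[^>]*style\s*=\s*["\'][^"\']*'
    r'(display\s*:\s*none|visibility\s*:\s*hidden)[^"\']*["\'][^>]*>.*?<a\s',
    re.I | re.S)


def find_backdated(posts, tolerance_days=30):
    """Return IDs of posts dated far earlier than posts created before them.

    wp_posts.ID auto-increments, so creation order stays visible even when
    post_date was set into the past. Imports and deliberately backdated
    posts also match, so treat hits as items to review, not as proof.
    """
    flagged, newest = [], None
    for post_id, date_str, _ in sorted(posts):
        date = datetime.strptime(date_str, "%Y-%m-%d %H:%M:%S")
        if newest is not None and (newest - date).days > tolerance_days:
            flagged.append(post_id)  # do not let it move the baseline
        else:
            newest = date if newest is None else max(newest, date)
    return flagged


def find_hidden_links(posts):
    """Return IDs of posts whose content matches the hidden-link heuristic."""
    return [pid for pid, _, content in posts if HIDDEN_LINK.search(content)]


if __name__ == "__main__":
    print("backdated:", find_backdated(SAMPLE_POSTS))
    print("hidden links:", find_hidden_links(SAMPLE_POSTS))
```

On a live site the rows would come from an export of `wp_posts`; comparing each run against the previous one narrows the review to posts that are new since the last check.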
