[deanhills]

I have investigate it. The files that were placed by the hacker have been hidden by them deep in the actual hacked Wordpress blog. Until to day I have no clue how it was done. I did discover some PHP shell files though and I guess these ended up there through security holes in Wordpress that allowed an attacker to run arbitrary malicious code to upload the shell. PHP shells are a nasty thing since they can bascially use such security holes to run code modifications on the system as ROOT without SSH access.

Well, my two cents about such cases.

Thanks very much for this response @"Hidden Refuge". It's been worth publishing the thread.

My blog didn't have any users or comments on it. So I imagine the hacking must have been done through the plugins that got updated. A good candidate could possibly be the plugin for sliders. As I don't have that one loaded on my other blogs on VPS 9 and at hostus.us. I'm going to research all of the plugins for anything that may have cropped up for this specific hacking.

But yes, I now accept that my WordPress must have been hacked. As the complaint came through immediately after I had updated all of the plugins and themes of WordPress.