alfonzoz - 3:45 pm on Jun 4, 2011 (gmt 0)

I really don't think that the WP release has anything to do with it. Usually a hack is about userid's and passwords and about editing the PHP on a feature (plug-in or a theme, for instance).

I got hacked just the other day myself (the green death head thingie); I was careless on one of my hosted servers.

The hacker nailed all the domains that I have on one of my hosts. So I suspect that they actually hacked into my C-Panel or because the passwords were the same on all the domains that I had on that server they got a directory and edited each of the domains with the green deathhead. Don't know for sure... I just fixed it and any potential causes and went on.

I was at Word Press 3.1.2, if memory serves me. Fortunately I had 3.1.3 waiting and installed it on all of the hacked sites except for the one that I left in place to show my hosting company's level 2 folks. I also changed the passwords on all the URLs on that server.

I didn't actually check but I suspect that they did this by replacing the PHP that displays the startup page on my sites, whatever that was (blog or static). My posts, themes, etc were unaffected. After I upgraded, everything returned to normal.

Things I learned:
1. don't use easy passwords... i did because it was easy for me to remember and I have a lot of sites.
2. don't use the same password everywhere... I did because ditto.
3. keep a backup of all your domains on another computer... like your personal pc or another hosting relationship's account. I didn't but I lucked out and had a wordpress upgrade waiting on all the domains that were affected so it was easy to fix.

Bottom line... if you get hacked and don't know what to do about it contact your hosting service's level 2 support. If you do know what to do, upgrade or reinstall if you know how to do that without wiping out your articles and posts, widgits, etc.

Al