It looks like yet another hack is making it’s way ’round the Internet. This one seems to be targeting WordPress sites (although it’s unfair to attribute the hack to any WP vulnerability).
How do you know if your site has been hacked? Do a site search on your domain. If you see any title tags about pharmaceutical products, you’ve likely been hacked.
To do a site search on your domain, go to your favorite search engine and type in site: followed by your domain name.
For example, a site search on my domain would be:
Christopher S. Penn describes how to find and remove the WP hack in this post.
I had trouble copying and pasting Penn’s code into the SQL editor of PHPmyAdmin due to a formatting error of the text (curly quotes). Here is a clean version of the SQL statement:
SELECT *FROM `wp_options` where option_name like 'rss%' ORDER BY `wp_options`.`option_name` ASC
For more info on the hack, check out this link on the hack described by Chris Pearson.