Hello, I have a hosted wordpress blog. Yesterday i noticed that when a page loads, in the bottom left corner of the browser window (where it says the status --contacting/lookingup/requesting the site etc.) it said it was looking up some sites that i have never heard of, obviously spam sites. Once in awhile, a visit to my homepage even redirects to one of these spam sites! i checked my header.php file and removed a suspicious crazy script that was never there before. However, it still appears that loading my site contacts these spam sites somehow. Can someone help me and tell me the best course of action? I have backed up the site recently, but I want to see first if i can manually remove the malicious stuff. also, I have changed my host password and my wp password ...thank you!
You can monitor this page for newly discovered security problems in Wordpress and plug-ins: http://secunia.com/advisories/search/?search=wordpress Also do virus scans on your PC (not the website) with a scanner different from the one you normally use. If any threats are found, change your FTP password again after the scan.