Last night I spent around nine hours cleaning malicious code out of every last PHP file in my entire account. This included this website as well as tairisnadur.com, ysgard.org and even some scripts for server status that are not web accessible. The nature of this code was to hijack traffic on our site and redirect it to one of several unsavory sites. While I found no evidence of attempts at installing any sort of virus while on the redirected websites, I highly recommend that all of you run a virus scan just to be on the safe side.
Our hosting company identified the weak point as an outdated wiki running on my account. I have made it inaccessible for the time being and will not be unlocking it until a full upgrade has been made.
I apologize for any inconvenience in not being able to access my sites over the last couple of days. I also apologize if you ended up somewhere you hadn't intended.
A final note is that this code did not affect users of Firefox, or Chrome web browsers. It did affect users of multiple versions of Internet Explorer and a single report that Chromium had trouble as well. I personally would say that this is only further proof that no one should be using Internet Explorer and I would highly recommend switching to Firefox or Chrome.
Posted: Mon Feb 27, 2012 11:04 am