We’d like to thank everyone that informed us of the unfortunate spammy spam spam through Google Reader.
After ensuring that our blog was up-to-date, we went ahead and took care of the malicious code. If you suspect your own blog of being hijacked and you have linux or a terminal (Macs), here’s a handy command to use to check for injected text within your site/page:
curl --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)" http://YourDomainHere.tld/ | less
Make sure to use your web address, and you can even specify a specific post.
Other tips include deleting all of the WordPress specific files and uploading the latest codebase (or update through your host). Also, if you have access to the database, deleting the active_post option in your options table. You’ll have to reactivate your plugins (which should be replaced with new copies anyway). Get rid of excess files you don’t need or are suspicious.
Please, if you catch any other suspicious issues here, emails us: admin at watchtheguild dot com.
The Guild Management