No new occurrences in the last 24 hours.  I’m trying to monitor this closely. I found some references to gmpg(dot)org in the header file that didn’t arrive with the original theme. I wiped the statement out, then went searching. I found another reference to this site in the sidebar php file which did come with the original theme.

To me, that’s what’s known as suspicious. The reference was a simple href-style link and the gmpg organization appears to be legit, however, just as hackers use the WordPress acknowledgment link in the footer of most sites to target WordPress sites, I’m suspicious that hackers are using this sort of hidden link to somehow target and access a weakness in a given theme.

This is, you understand, totally conjecture on my part, but I’m leaving those references out of my themes from now on, (as well as a bunch of other security measures) and hoping I don’t get a recurrence of those pesky links.

Again, this was not dangerous to anyone visiting. It was pure and simple a means to fool search engines into legitimizing those links that were being inserted and thus raising them to the top of the search lists. The more places with “links” to sites, the more “legitimate” they are, to the search robots. (Do I have that correct, oh computer gurus?)

Back to editing RoL.