In my two year of WordPress Experience, for the first time ever, my blogs got hacked.

The hacker some got access to whole account and added a PHP injection. All the directories on server got random PHP files like 54623.php etc. with encoded code in them and a .htaccess file that makes this PHP file a 404 error page.

From what I have learned, the primary purpose of this hack is to send errors to a different website.

However, Blogging With Success suffered most because of this. I did not see any traffic disappearing, instead, whole blog got down. As of now, I have removed almost all the problematic files from this blog to keep it secure and have contacted HostGator for response.

After some research, it seems that BlueHost servers were targeted with same hack this weekend, so I doubt that this can be a server wide hack.

If you too have a blog on HostGator, make sure to check your directories for any random PHP files.

I will update this post once I get response from HostGator security team.

Update: HostGator support cleared infection from account. Now, everything is back up.