Silent Noise was hacked?
See here:
http://matchent.com/wpress/?q=node/500
What is interesting is the IP address that the author of the blog post cites as the source of the trouble - 72.167.232.86.
72.167.232.86 belongs to GoDaddy (p3nlh036.shr.prod.phx3.secureserver.net). The server at that IP is host to over 4,000 web sites.
As for how Silent Noise was hacked – that I cannot answer. My first guess was that they were using WordPress but it looks like they may have migrated to Drupal (according to a blog post back in 2008). If Drupal, there are security advisories for the Drupal Core, as well as “contributed projects” that should be investigated.
For example, look at this one:
http://drupal.org/node/579482
The description of the vulnerability reveals that:
“The core OpenID module does not correctly implement Form API for the form that allows one to link user accounts with OpenID identifiers. A malicious user is therefore able to use cross site request forgeries to add attacker controlled OpenID identities to existing accounts. These OpenID identities can then be used to gain access to the affected accounts.”
A nasty vulnerability. It just goes to show – you need to keep *all* of your software updated *all of the time*.