Yesterday, some of my autoblogs got hacked. I found my index.php rewritten as a redirect to the hacker's webpage, which is an infected webpage trying to install a trojan. This is what happened: the account-details (FTP username and password) of the hacked blogs were stored in the memory of the FTP-client I use which is Filezilla. I read on forums that Filezilla doesn't encrypt the stored passwords, which makes it easy for hackers to lay their hands on. Probably I had some trojan on my pc which extracted these account-details and send them to the hackers. I know you probably think that I should protect myself against trojans, but lately I hadn't heard any bells or whistles from my antivirus-software, so I didn't know there was something malicious going on under the hood of my computer. Luckily the hackers only modified the index.php file, so I didn't loose my databases and other stuff. I could easily fix the problem by replacing the index file by the original, but it could be much worse. So don't use Filezilla, or at least don't store your passwords in this FTP-client.