Renzki's hack report
I got a very urgent call for help from Renzki this afternoon. All his joomla sites got a parse error somewhere in mosce.php file.
After checking googles and joomla forum I understood that it's a hack... or more precisely a worm virus. It's very annoying. Almost in all directories, I see files like remote.php guest.php packages.php tests.php create.php etc... and also .htaccess files. those files contain quite the same script, they are base64_encode-ed so we can understand the files from decoding them.
(tohiny)