wp-blog-header.php hacked by chatbh.net, uaecem.com, 3trqatar.com
We’ve discovered a number of WordPress sites that have had their wp-blog-header.php file hacked. In these instances the hacker inserts links for a number of Arabic language sites in what looks like the footer but isn’t. The text reads ??? ??? ??????? ??? ??? ??? ???? ????? ??? ???????? ??? ????? and the sites are mentioned in the title. It appears to us that they’ve managed these attacks through servers and not individuals’ computers. The temporary solution is easy, simply reupload the wp-blog-header which is in the root directory of your wordpress install. Longer term you need to have a conversation with your host.
Hope this helps.