If you have a WordPress site on GoDaddy, keep a close eye on it. This week alone two different people have come to me with site issues that have turned out to be the same exact hack. There seems to be a spate of them going on – see this thread in the WordPress forums that I came across – this is the same hack that I found. Fortunately in the cases I’ve seen it hasn’t caused a ton of damage – more a nuisance than anything, but it indicates vulnerabilities in your site. GoDaddy of course will provide you with no help at all – they won’t even check if it’s a hack, they will just assume it’s some WordPress issue and not even give you a place to start trying to fix it. I’m not a security expert so I’m not sure if the timthumb vulnerability was the way in, but in both cases that vulnerability was present. In both cases I found code added to the functions.php file as well as a few other dodgy files showing up.