WordPress sites are vulnerable to injections of the Blackhole Exploit Kit from vulnerability’s but not more so than any other platform.
Even GOOGLE has issues with Malware: http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=Google.com
If you think your website in NOT vulnerable – you are probably at a greater risk of infection than most folks who come to this page!
Brute Force Attacks and WordPress
It is important to remember that this kind of attack is not specific to WordPress. WordPress is just very popular with non-technical webmasters. I use the term webmaster loosely. If you think you are a webmaster you should have a good understanding of vulnerabilities and how to prevent them as well as how to clean up after an event. You also should have a working knowledge of the hardware your website is running on – if you do not – then you really should contact someone who is a professional developer to assist in hardening your site.
You need to start working your way through these resources:
- My WordPress Site was hacked: http://codex.wordpress.org/FAQ_My_site_was_hacked
- Look at the most recent information in the WordPress Forums: http://wordpress.org/search/hacked?forums=1
- Securi Malware Scanner: http://sitecheck.sucuri.net/scanner/
- Unmask Parasites: http://www.unmaskparasites.com/
- WordPress Vulnerability: http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
- Hardening WordPress: