My blog was defaced yesterday
It wasn’t cool, but thanks to Avi Alkalay who noticed it early and let me know, I caught it early enough.
The attackers probably used some kind of dictionary attack to guess the password to the FTP accounts of my website and another website virtually hosted on my server and opened FTP access to both accounts and uploaded files. To the other website they uploaded a PHP backdoor (that allows access to the local MySQL server and to the local file system with the permissions of the web server) and rootkit.