Therefore, i’d think this kind of attack is CMS-independant, and the hack might rather exploit a FTP client or weak-server infrastructure …

I didn’t find the trick yet. Keep looking…

I’ve been thinking about a process of reducing the risk of such attacks. It works as follows:
1) Run a local webserver and the blog on your home pc
2) Run a tool which spiders the local blog and creates a html-only copy, again on your pc.
3) Have the tool create a htaccess file which uses mod_rewrite to convert urls in you normal permalink format to the relevant html files.
4) Upload the html files and htaccess file to your webhost.

The idea is that the only thing hosted on your webserver is plain html files, significantly reducing the blogs attack surface. The major trade-off here is that you can’t accept user input such as comments.

As I couldn’t find anything that does what I want, I’ve been creating my own tool to do it. It’s not quite ready, but should be soon and I’ll make it available through my website. A later version might include a small amount of locked-down dynamic code for handling comments.

And yes, I still do like WP – if some of the other CMS apps were as popular ( ahem…cough…cough ) they’d be prime targets too