Their blog at least is running wordpress, from wordpress.com. It's possible that they did get compromised somewhere since all of the things seem to be external to them that they did get compromised and they weren't entirely aware of it right away because of the DDoSing. I can't imagine though that they can't have heard of this by now and aren't trying to do something about it if it's fake.