Recently I had some of my sites "hacked" but was mainly caused by my own doing. I had some php files that where 777 that somehow got modified. I don't know all of the details but a small 1x1 pixel is added in an iframe that redirects to another site and attempts to download information.
Below is information I think I found about the exploit from the site that it directs too. Supposedly it's a cpanel backup exploit.
LINK REMOVED - No reason to post this type of infomation - TCH-Bruce
This exploit affected all of my sites that had php files that were 777. I believe it mostly affects php files but I don't remember if it affected html files.
Lesson Learned - No files should have Write permission unless absolutely necessary.
