Quote:
Originally Posted by potter
eh.. You're forgetting about having bots scan for certain versions of scripts -- versions with security holes.
|
Usually files like index.html, index.php, etc are not writable by the http user, so a script would not have permissions to write to them to add said code. There are of course TGP scripts and such which write to flat files (therefor them having to be writable by the web user) which is the exception here.
That being said it's almost always a virus with this kind of thing. If not the site owner, then a designer or programmer they hired, an updater, anyone with ftp access. The first thing anyone should do is change all their passwords as soon as something like this happens.