Total Posts: 245
We checked the files on your account, and we see the following hack scripts on your account. It looks like these were uploaded through an image upload script.
This is NOT Magento issue. No vulnerabilities have been reported so far about Magento v1.3 and higher. If you have installed any of the free and/or commercial Magento extensions, then make sure they are properly coded and secure. Many of these extensions are either poorly coded, insecure, or both. This can be said about other Php software either customized, commercial, or free. If you have Open Source Php applications including Joomla, WordPress, for example, keep them up-to-date by installing the latest release and applying related security patches.
Your host can blame Magento for lack of security on their server. However, it is likely that one of the Web sites hosted on the server was compromised with either a malware such as a JS or Iframe code. When a hacker successfully inject its maeilcious code into one of the sites, he/she will be able to infect other Web sites; even deface the index pages.
Are you sure that your PC/laptop is secure? Do you have an up-to-date good anti-virus and firewall?
Just in case your PC/laptop is behaving abnormally, format the hard drive and re-install a new copy of the operating system. It is likely that your PC/laptop has been compromised and you are unaware of it.
Make your passwords very hard to guess; and don’t share your login information with your Web designer or any body, regardless.
If you feel it is time to look for another host, I suggest you get a VPS or a dedicated server; go to: ServerTune.com. Putting an e-commerce Web site on shared hosting, in my opinion, is unwise. Good luck!