In the past few weeks, a Trojan (Troj/JSRedir-R) has become the most prevalent malicious infection to ever hit websites. According to Sophos, this Trojan accounts for 42% of all infected web pages in the past two weeks. This Trojan typically targets PHP sites, and is not caused by a vulnerability in the scripts you run. Once the Trojan is on your local computer, it searches for FTP credentials and then uses them to modify the files on your website. FTP clients that store their passwords in plaintext, like FileZilla, are particularly vulnerable to this.