One of our sites has been hit with this as well. Noticed some weird stuff going on with missing braces a day ago, today I found a bunch of files that have:
<!–visitorTracker–><?php @ob_start();@ini_set(“display_errors”,0);@error_reporting(0);echo base64_decode(averylongstring);
Also, it looks like it created a few dozen randomly named files that are duplicates of some of the php files in the theme.
Looks like an intrusion, but no idea what would have caused it.
