We had tried to upgrade kernel on this server couple of times in last 3 months but evertime the upgrade failed.
Our Senior System admins as well as some other well known system admins failed to complete the upgrade. Someone managed to exploit the old kernel and ran mass injection script which added iframe code in index pages of all
website hostings hosted on the server.
We have system admins who are experts in kernel upgrade but the typical make of this server was responsible for failure of the upgrade. We managed to successfully upgrade the kernel version on 26th Dec 2006 and now the server is safe. We've also found the
website hosting which was targetted to run this mass injection script and that account was previously terminated from the server.
We cannot give such updates to all customers hosted on respective servers and most of the customers have no knowledge of kernel or linux and such minor problems may raise questions in their minds.
We ran replace command to replace the injection with google.co.uk twice in the month of december. This injection was getting executed in IE only and it was just a image and there were no virus
website hosting links or anything harmful for visitors computer.
This should not be considered any hacking attempt or any major problem as iframe code injection is much different from root exploit or hacking.