We are looking for assistance in securing our Joomla [url removed, login to view] from hackers who are injecting iframe code into modules on our site. The code will be injected into either a new mod_iframe or existing mod_easy_adsense module setup for our site advertising. The code typically is as follows: <iframe style="visibility:hidden;display:none" src="[url removed, login to view]"></iframe> and injects various ads, music and other resource hogging scripts into our pages. RSFirewall hasn't done a thing to prevent it and changing our database username/password and locking it down to the server IP only hasn't stopped the hackers either. We have to manually remove the injection multiple times per day to keep the site up. We're looking to secure the site so it doesn't happen in the future. Also we'd like to identify the hacker if possible as this has been very costly for us.