4
After checking into it all sites on my hosting server with the file name of index.php had this malware attack and were hacked.
Luckily the hosting provider was able to search and delete all the files where this hack place the <iframe> code.
Trying to see how it got into the server is another issue:
JOOMLA forums had the same problem and described it as a CLIENT SIDE access to the server.
Helping each other with Knowledge