We know about it. 1&1 appear to have taken the write protect off the index.php file and we've been hit by the exploit again.
I can't fix it here at work, I'll sort it out later. If you stay away from the index.php page you should be OK.
I'm slowly losing the will to live with this...... :S