OK, so there is serious hackage going on across 2.7.1 2.8 maybe more.
If you see this code added to ANY of your files you have been hacked!
<? /**/eval(base64_decode... /> (this is just the start of the code)
I wonder if the wordpress crew is aware of this major issue?