Hackers editing files?

Well, yeah. If you left your files at 777, then most likely they went right for the wp-config.php files and now have access to your database. If you haven’t changed your WordPress password (as well as the password, and probably the username too – for the database) then they can just get in over and over again.

All of your files should be set at 644 or 666, all folders should be 755. At this point you should take care of that, and then go into your hosting control panel (or whatever you use) and set a new database user and password. You’d have to reflect those changes in your wp-config.php file so your WordPress can have the new connection settings. You might also want to contact your host before you do anything and let them know – because if they *did* get into your database, it’s possible they could compromise the entire server. You should let the host know what’s going on, and let them see the activity the hacker has been doing so they can take appropriate action to prevent further loss (if any has occurred). They’ll also help you figure out how to secure your own site so you don’t get hacked again.

You also might read this.

The config file was never 777 as far as I know. I changed the permissions back on friday, and it happened again this morning. They are somehow getting into files with 644 permissions like index.php default_filters.php and more and putting in an iframe code. Im changing ftp passwords, I dont know what else it could be

Did you contact your host about this? If your file permissions are correct, and you’ve gone as far as changing your database password (and possibly the name) then I’d say someone else on the server has a back door left open, and the hacker is gaining access through some other site – possibly wreaking havoc on the entire server. The hoist should be made aware of this so they can track it down and fix it.