Depending on your settings it is likely the computer your site runs on was hacked. Only with a CHMOD of 777 on the index file it is actually writable. If that is not the case, the attack originated from somewhere else.
It is likely your server runs several sites (also known as a shared box). Lot's of people use the server and might use outdated or insecure software, vulnerable to exploits. It is also possible the hacker used a well-know exploit in the software used by your hosting company to gain access to the system. If one of these exploits is severe enough the hacker could gain access to the other sites as well, since they are on the same box.
My guess would be an automated script is run, adding malicious code to every file starting with index. These can be HTML, PHP and so on. Could it have been caused by Pixelpost? Yes, there is always a possibility due to the fact you can use addons. We don't know if every addon is safe or if it contains vulnerabilities for these kind of attacks. The Pixelpost core code, which we do have under control, has undergone several independent security based cleanups to ensure the core code is very secure.