Since there are other cases, it looks like an automated attack. Your MyBB was exploited to modify /index.php (append), but as far as I understand this was targeted at your visitors' browser by pretty much injecting an iframe.
Follow this to fix the issue http://community.mybb.com/thread-105780.html
and also check your other files for unknown/unseen code.
edit: i fail at grammar
it exploits java applets (accidentally did testing in non sandboxed browser, way to go SKB)
edit2: About 21,700 results (0.20 seconds) when googling <ip>/bt.php
Follow this to fix the issue http://community.mybb.com/thread-105780.html
and also check your other files for unknown/unseen code.
edit: i fail at grammar
it exploits java applets (accidentally did testing in non sandboxed browser, way to go SKB)
edit2: About 21,700 results (0.20 seconds) when googling <ip>/bt.php