if there's a way to find out who added that malicious line of code at the time?
If they dont leave a signature, i guess close to impossible

If you want info about website malware, read sucuri blog. http://blog.sucuri.net/category/malware
And to check for infection, Sucuri url scanner. http://sucuri.net/