[gb2world]

I got hit too. I am at Hands-On - so it seems not likely a vulnerability with the hosts.

I never give out the root ftp passwords, but have created ftp accounts for QT and various vendors - perhaps the compromise was there. My host is suggesting they may have intercepted email somehow. I did email ftp information to some vendors.

I saw the iframe edit in the main index file - am putting in a ticket to find all index files that were modified recently. (I don't have shell access - so I am having to look at directories one by one. So far - I have not found anything else.

Can anyone describe any other files or functionality that were modified? I'll be looking at all files that were changed today.