Apologies for the downtime. We were hacked this weekend and wanted to make sure we got all of the malicious code out. I will be posting some updates as I learn more about the exploit, and will hopefully get you guys some information about how to patch your machines.
For those who are curious the exploit in question was mpack.
It's also worth noting that this exploit only targeted users with unpatched machines so as always it is prudent to keep your machine up to date.
Update: After some reviews of our logs and data we tracked the incident to approximately 6:30 pm EST Monday night. We took the site off line around 10 am EST so the exploit was live for around 16 hours. We've contacted the abuse email for the IP in question, but chances are that it was just a compromised PC. I'd like to personally apologize for this lapse in security, and let you guys know that we are taking measures to reduce our liability in the future.
Submitted by James Roe
For those who are curious the exploit in question was mpack.
It's also worth noting that this exploit only targeted users with unpatched machines so as always it is prudent to keep your machine up to date.
Update: After some reviews of our logs and data we tracked the incident to approximately 6:30 pm EST Monday night. We took the site off line around 10 am EST so the exploit was live for around 16 hours. We've contacted the abuse email for the IP in question, but chances are that it was just a compromised PC. I'd like to personally apologize for this lapse in security, and let you guys know that we are taking measures to reduce our liability in the future.

http://blogs.pandasoftware.com/blogs/pandalabs/archive/2007/05/11/MPack-uncovered_2100_.aspx
And Symantec's writeup:
http://www.symantec.com/enterprise/security_response/weblog/2007/05/mpack_packed_full_of_badness.html
But hang in there James, like grspec said, shit happens.
did they get in to the server thru the back door or did they go thru the website and exploit some ajax or php type thing?
sorrry if i just said something completely nonsensical. i am dangerously semitechnical.
I mean... was it the videosift app that let them in, or something else on the server?
btw... macs rule.
hello? is that New Server Company Inc? Yes I would like to place an order.
http://www.infectedornot.com/usa/
The Nanoscan was recommended by Panda Software.
The eTrust page shows that as a high risk one, if many others have it we might want to front page a scan and fix for that and whatever else turns up.