This even happened to phpBB.com. Sounds like the same group was responsible. I read a little about it as soon as it happened since I have a server with AWStats. It was via an exploit in the AWStats program, an app that generates web stats for bandwidth, referrers, etc. Cpanel includes AWStat in the package so I asked around about that too. The compromise is only in the standalone version of AWStats before version 6.2 so those of you with web sites and using the standalone (not the cpanel version) better upgrade. While you're at it make sure your host/provider is using the latest version of php as well as there's another exploit there (hear that DAZ?). For what it's worth, phpBB.com was down for a few days. Apparently it really harshed their server, not just the index page. So good going DAZ, way to recover fast. Of course, an ounce of prevention is worth a pound of cure.... ;)