says @f "These are Dreamhost accounts compromised" - No. Exploited WordPress on non-DH host. See suspect themes: http://blog.sucuri.net/2011/08/timthumb-security-vulnerability-list-of-themes-including-it.html - TimThumb is used in several WordPress themes, was recently patched. More on the TimThumb security issue: wpcandy.com/series-on/timthumb-security-issue. in-reply-to: twitter.com/f/status/111774563230158849