1
The Turkish hacker also got about 6 of my sites and they were not all just Xoops. He exploits the cache somehow and uses the admin.menu to alter a lot of things. You have to leave the cache chmodded at 777 or else it will not let you log in as admin. Every site he hacked on XOOPS his altered admin.menu had to be erased before you can get back in to admin. He also tries to exploit the faq and then get into the cache.