Well, I won't name one of my hosts (cheap US based reseller host of small size)...and 4 of my phpLD 3.1 sites were hacked 2-3 days ago by "MasterTurks". (F'k them, their family and their to be born children) I analyzed their attack and what I think and concluded is : 1. phpLD script isn't compromized. 2. It's better not to run scripts like ArticleDashboard on servers/accounts with phpLD. 3. There may exist some vulnerabilities in AD script (I suspect) or some others which the hackers used to enter your phpld folder and delete the files, leaving their own index.php 4. DB was unhurt, files were deleted. 5. They didn't hack into control panel/hosting account to enter it...no evidence in access logs. 6. They either used XSS, cross-site scripting or similar exploits.
The same thing happened a few months ago to me. First one of my blogs with wordpress got hacked. And the hackers ran a paypal clone email from my server. It was a cheap reseller hosting. The hosting suspended my account on getting instructions from ebay. Then I immediately shifted from reseller hosting to godaddy's hosting. Again it was hacked in hours. When I looked deeply in the matter It was apparent that the hosting servers were not responsible. It seemed like my home computer was actually responsible. Some spyware was running. The spyware was hooking to my ftp sessions and giving the hackers their backdoor. I upgraded my antivirus and cleaned my machine. Now I do not have a problem. Hope this info comes to some help! It may be your computer is already compromised.
This is true... My directory has been hacked 5 times, and not because it's phpLD, because my main site (a static, non-php site) was the victim of the same attack. The attackers are somehow able to change your index.html or index.php to a version of their own. Fix? CHMOD your index.html, .htm or index.php to 444... the hacks stopped after this.