The nice folks at Pipex emailed me this evening to say that they’d located the source of my website hack, from my website logs. It appears that on 9 July someone exploited a vulnerability in an old version of phpBB (I think it was 2.0.8) that was still residing on my server (albeit not being used).
The phpBB vulnerability allowed someone to upload a file (or files) to my server and execute them. I’ve no idea what they’ve been using them for: DOS attack, spamming, or just a simple site hijack?
I deleted phpBB from my server a couple of weeks ago, but too late! This evening I updated the phpBB forum on the exNYCgb website.