It was bad, still working on getting stuff back up. I am pretty sure it got in via the XML-RPC exploit in older installation of WordPress. so if you’re running WordPress on my server, please go upgrade it to the latest one if you want xmlrpc.php, I have removed that file from all installation except mine. I think WP from 1.5 on is safe.
If you found any useful info on details on this “Hacked by Metlak” or “Turkish Hack” attack, please post comments to this thread. I’ve only opened up this one blog, hopefully I am safe, we’ll see…