You can't (well okay, you probably you can... ) imagine how often you see botnet activities as forum staff member if you check the "Who is online" list regularly. It's just plain scary!
Many infected servers are from Russia (at least they have the .ru domain extension), but we've also seen some hobbyist websites, and family homepages etc. that have been infected.
And if you google the information ("gang name") in the text file, you'll end up with a huge list of hacked websites.
Although we've been dealing with this type of threat for a long time now, I've never seen such a clear explanation, examples, and helpful instructions given what to do if you observe such an issue. This article should be something that staff members of forums (plus everyone who has access to a server log) must have seen!
Thank you for providing this article here for further dissemination (as a link of course)