Hi,
Do you know how the attackers gained access to your sites? Unless you plug this hole they, or some other group of mass defacers, will come back and do it all over again.

Contact your hosting company and inform them of the security breach so they can investigate. I shouldn't waste your time trying to go after the culprits, your efforts are better spent recovering your sites. Mass defacers generally go after low hanging fruit and I'd not be at all surprised if they got into your site by exploiting a bug in a well know web application (think forums).

Now might be a good time to review your disaster recovery plan! There's nothing like actually doing it to find out what you're missing.

Jim

Thanks guys for your advice.  Just for the record, I am on shared hosting and I have cpanel.  Is it harder for these lowlife to break a dedicated server ? I suspect that this particular event has arise because I have linked the server to schools.us and on reading a posting from a Turkish hacker on another forum  whereby he states that they do not hack Muslim owned sites only foreign site. As my site schoolsout.us is not even up on the internet I assume this cockroach is targeting domains with a .us with some software of some sort which is very worrying for U.S. citizens.  Most of the sites are corrupted similar to www.mariotalk.com/www.007fan.com/www.nogoinghome.com

Thanks again - JB