Wow. Well I would claim surprise but this is a bitcoin project... so...
Also, simple injection is hardly a "0-day" exploit. The fact that you guys had completely unsanitized input on your forums software means you're every bit as responsible for the hack.
Not a zero day exploit anyway. This problem was identified ages ago and patched in SMF 2.x, if you are only running 1.x you are pretty much walking around with your pants down waiting to have your nuts twisted.