it can be a bit daunting when exploit teams take focus on your site... I ended up closing down a 3 year old forum once because i just couldn't take it anymore, constantly battling hacks, resinstalling forum software, and porting custom mods over and over again to the forum. Scouring the net for the latest exploit fixes only to suffer from new ones. Eventually it got to the point where it was leave the malware and keep the members, or close the site and say goodbye.
This was nuke based sites though, which development being open source and exploit updates being behind, exploit teams had it way too easy. Atleast with vbulletin things are much more secured (in comparison) and security patches much more frequent. Looking at Crustaforum, i've noticed its not up to date software wise, they may want to keep up with that if they wish to keep these exploiters at bay.