So I've been hosting with a company for a while, but due to downtimes, slow loading times and unhelpfulness of tech support I moved to a new cloud based host yesterday.

Today, as I was finishing up a move of the Wordpress, WHMCS and IP.Board installatons, I start getting redirected to a sketchy malware site selling drugs in a wikipediaesque site.

I checked my other domains that were transferred, and noticed that they were redirecting as well. At this point, I start panicking and tried to login to WHM to revert nameservers back to the old host, but it was a no go; my WHM login had changed and I could not login.

I immediately went to my google apps accounts to change my passwords to randomized 30 character ones in case they were logged, all while sending my new webhost updates.

I get an email from the host's CEO (!) stating that my account was compromised and that it is currently suspended.

At this point I am not sure what to do. Do I sit around and wait for my host to tell me to GTFO? How could an exploit like this happen? The computer I was using has MSE on it, but I've not been infected on any personal computer of mine. For those curious, I did all my password changing on my neglected Macbook running OSX 10.7 DP 4, which was mostly my email and music computer until now.

I'll just reformat my computer in case it is somehow compromised, and I am still changing all my passwords. My websites run Wordpress with no plugins and a theme I bought from themeforest, and my forums were patched up IP.Board 3.1.4. I had WHMCS that I just updated today to 4.1.2.

What else should I do?