Gizmo, the problem is they have bypassed the registration system with their own that allows form injection. It's not spam they are dealing with.
Listen, I'm know I'm going to come off as a total ass over this, but your former company choose to modify their board in such a way that compromised it. This is their problem and has absolutely nothing to do with UBB. Only they can address this by securing their code, denying the IP addresses in .htaccess, and removing the malicious registrations. Obviously some script kiddy is trying to prove a point. I wish you guys luck getting it worked out.
