Forum URL: http://www.dombom.com/cgi-bin/dcforum/dcboard.cgi
Forum Name: FatBomb
Topic ID: 66
Message ID: 6
#6, RE: Hosting issue
Posted by Kurt on Jan-22-08 at 10:29 AM
In response to message #5
This is what Kirill has to say:


"The site was, indeed, hacked, but it does not seem to be related to
FatBomb. The directory 'fatbomb-data/styles' was created by me during
installation, it holds images and CSS files that are used by default
FatBomb templates.

The PHP file has nothing to do with FatBomb though; it's a typical
hacker trick. When a hacker gets an ability to upload files to the
server, he usually uploads a script that allows him to run arbitrary
commands remotely. This script usually has some "typical" name, like
"status.php" in this case, and is uploaded to some place deep in the
filesystem tree. In this case, the attacker uploaded the script to
"fatbomb-data/styles" in hope that nobody would notice it for a long
time. I bet if the site owner reviews the other directories of the
site, he will find many other similar scripts with innocent names
allowing remote command execution.

With regard to the script that was used to compromise the site
initially, I highly doubt it was FatBomb. 99% that it was an insecure
WordPress, phpBB2, or some other popular PHP program."
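
One way to carry out the directory review suggested above, as an added example that is not part of the original post or of FatBomb: it walks a web root and reports server-side scripts sitting in directories that otherwise hold mostly images and CSS, which is the pattern described for "status.php" in "fatbomb-data/styles". The extension lists, the "more static files than scripts" rule and the sample file names other than "status.php" are assumptions made for illustration.

```python
import os
import sys
import tempfile
import time

# Assumed extension sets; adjust to what the server actually executes.
STATIC_EXTS = {".css", ".png", ".gif", ".jpg", ".jpeg", ".ico", ".js"}
SCRIPT_EXTS = {".php", ".phtml", ".php5", ".cgi", ".pl"}

def out_of_place_scripts(web_root):
    """Return sorted paths of server-side scripts found in directories
    where static assets (images, CSS) outnumber scripts."""
    hits = []
    for dirpath, _dirs, files in os.walk(web_root):
        exts = [os.path.splitext(name)[1].lower() for name in files]
        static_count = sum(ext in STATIC_EXTS for ext in exts)
        scripts = [n for n, ext in zip(files, exts) if ext in SCRIPT_EXTS]
        # An asset directory has no reason to contain executable scripts.
        if scripts and static_count > len(scripts):
            hits.extend(os.path.join(dirpath, n) for n in scripts)
    return sorted(hits)

def build_sample_tree(root):
    """Create a constructed sample layout (empty files) for the demo."""
    layout = [
        "index.php", "search.php",            # normal application scripts
        "fatbomb-data/styles/default.css",    # constructed asset names
        "fatbomb-data/styles/logo.gif",
        "fatbomb-data/styles/bg.png",
        "fatbomb-data/styles/status.php",     # the out-of-place script
    ]
    for rel in layout:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()

def report(web_root):
    """Print each flagged file with its modification time."""
    for path in out_of_place_scripts(web_root):
        mtime = time.strftime("%Y-%m-%d %H:%M", time.localtime(os.path.getmtime(path)))
        print(f"{mtime}  {path}")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        report(sys.argv[1])                   # scan a real web root
    else:
        with tempfile.TemporaryDirectory() as demo_root:
            build_sample_tree(demo_root)
            report(demo_root)
```

A flagged file is a lead for manual review, not proof of compromise; comparing its modification time against the web server's access logs helps narrow down how it arrived.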