Just a little further data, it seems like this is a broader issue with files that have 777 permissions on hosts with insecure setups, as probably is most common on Dreamhost. Other apps have been similarly affected. See:
replaced my installation with the newest version of thinkup and all seems
well. Please let me know if I can do anything to help prevent anyone else
from getting hacked.
My sympathies. That's always an unhappy event.
If your ThinkUp installation shares space with any other web files, be sure to check them as well. It is likely that, however the intruders accessed your files, anything available was compromised (in this case, any PHP files).
It may also be appropriate to notify your web hosting provider to record the incident and give them the opportunity to examine the server. Larger shared hosting services will sometimes have intrusions that affect accounts that had nothing to do with the original attack vector.