I know it's a lot of work, but I'd like to recommend to update SMF to its latest version (1.1.11), and probably TinyPortal to beta 4.
The problem does not come from hackers, since they really are not interested in your site.
The problem comes from hackers competitions: the aim is to deface the most sites in the least amount of time.
For that, they use automated tools to mass-hack sites.
Turkish hackers are very well known for these kinds of competition.
There have been also some attacks from malware groups, where they host files on legitimate sites.
In the first pass, the hackers scan the whole set of IP addresses (2^32 combinations), to detect the existing sites with their tools versions (forum, etc...).
In the second pass, they check what sites are vulnerable to their tools.
The third pass is the attack itself.
Since *every* forum comes with security holes, these forums are patched from time to time (and when the version is incremented, it's generally because a massive hole has been fixed).
So, I strongly recommend that you patch your site.
To give you an idea, you'll probably spend more time fixing your hacked site than upgrading it with the last versions.