Check your server for other software which is exploitable like older wordpress versions, forum scripts etc...You must have hole somewhere which is used to overwrite TP files.
Your tech should handle this, after its done make sure to enable firewall, change ftp/ssh ports and change passwords for server logins!