The code is the definition of behavior
Ethereum's 'smart contracts' are essentially programs whose execution is intended to have a contract-like nature. Existing programs, err contracts, include lotteries and other fun stuff.
Of course a new language was needed for the new age of smart contracts. Solidity is its name (essentially C plus extras that were thought to be a good idea from Python and other languages that presumably the Ethereum people have used). God forbid anyone would design a language with reliability in mind: http://shape-of-code.coding-guidelines.com/2015/03/15/ethereum-is-it-cost-effective-to-create-reliable-contracts/
Of course the key to code reliability is following the Ethereum smart contract coding style guide, which of course the majority of people don't seem to be doing: http://hackingdistributed.com/p/2016/06/16/finding-unchecked-send-in-live-ethereum-contracts/
The site has not been hacked. The terms of service quite clearly state that what the code does is the definition of the system. Somebody simply put the time into understanding what a 'smart contract' did and executed it appropriately.
"The terms of The DAO Creation are set forth in the smart contract code existing on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413. Nothing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO’s code. Any and all explanatory terms or descriptions are merely offered for educational purposes and do not supercede or modify the express terms of The DAO’s code set forth on the blockchain; to the extent you believe there to be any conflict or discrepancy between the descriptions offered here and the functionality of The DAO’s code at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413, The DAO’s code controls and sets forth all terms of The DAO Creation."