Thousands of ASP sites affected

I was curious if the folks at Jodohost were aware of this:

http://www.rumblepup.com/the-xiaobaishan-bomb-is-now-the-flyzhu-bomb/

Basically, tens (if not hundreds) of thousands of ASP-based sites have been hit with this annoying little hack. A single Google search gives some insight into the types of sites that have been hit - many of them large, popular websites.

Anyways, I bring it up because the author in the above link mentions that this attack is the product of a vulnerability in Windows servers. A vulnerability that has been patched for, but obviously requires the necessary updating.

So far, I have had two different ASP.Net sites hit by this attack - one hosted on Jodohost, another hosted through a separate provider. Both sites employ many levels of protection against SQL injection in the code - so go figure.
 
Quick update:

Thanks to your suggestions, I found the hole in my code and quickly fixed it. They tried to wreck both sites again today but instead found themselves redirected to Google search results on how to kill oneself. Not very classy on my part, but I guess it's all in good fun.

Thanks again!
 
:D haha whatever works

You can find the attempts in HTTP logs with SQL wording like declare, varchar, insert, etc. for anyone else seeing this :)
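The log check suggested in the reply above, as an added example that is not part of the original thread: a Python scan of IIS W3C logs for query strings containing the SQL words named there. The sample log lines, field layout, the two-keyword threshold and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Keywords named in the post above; matched as whole words, case-insensitively.
SQL_WORDS = re.compile(r"\b(declare|varchar|insert)\b", re.IGNORECASE)

# Constructed sample in IIS W3C extended format (documentation IP ranges).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2008-07-01 10:00:01 192.0.2.10 GET /products.asp id=42 200
2008-07-01 10:00:05 198.51.100.7 GET /products.asp id=42;DECLARE%20@S%20VARCHAR(4000) 200
2008-07-01 10:00:09 192.0.2.11 GET /search.asp q=insert+coin 200
2008-07-01 10:00:12 198.51.100.7 GET /news.asp id=7%253BdEcLaRe%2520@T%2520varchar(255) 500
"""


def decode(value, rounds=3):
    """URL-decode repeatedly so double-encoded query strings are normalised."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_sqli_attempts(lines, min_words=2):
    """Return (date, time, client_ip, uri, keywords) for suspicious requests."""
    fields, hits = [], []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column order can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split(" ")))
        query = decode(row.get("cs-uri-query", "-"))
        words = sorted({w.lower() for w in SQL_WORDS.findall(query)})
        if len(words) >= min_words:  # one keyword alone is often benign
            hits.append((row.get("date"), row.get("time"), row.get("c-ip"),
                         row.get("cs-uri-stem"), words))
    return hits


if __name__ == "__main__":
    for hit in find_sqli_attempts(SAMPLE_LOG.splitlines()):
        print(*hit)
```

Requiring two distinct keywords keeps an ordinary search such as `q=insert+coin` out of the results; pass `min_words=1` to review single-keyword requests as well.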
 