The SQL injection attack mostly exploits websites running Microsoft's ASP.Net web application framework.The infection injects code into websites operated by restaurants, hospitals, and other small businesses and plants an invisible link in visitors' browsers to sites including jjghui.com and nbnjkl.com.