Gday all. Recently i had a site i admin get injected with some encrypted code. To start it was just a trojan download to all visitors. But then after a day or 2 it got a bit worse. All content was deleted and just spammy crap on the site. No big deal, i got the host to patch and backup. The host said only that it was russians. Apparantly there is nothing they can do. My question is would it be a beneficial method to find weak servers then inject code to point to lets say a payed adds page. Or would that just land yourself in trouble. If it was pointing to a free site etc. Not sure if this is just a silly thread but it has been on my mind for a week or 2 now. The russian that hacked me was just silly. I believe if it was a much more soft attempt it might have gone unnoticed for a long time.