Microsoft Windows 2000 IIS Webserver Down

Where did analytics come from?

mlentz

6:35 pm on Jul 11, 2008 (gmt 0)


Yesterday, my IIS website was running fine. Suddenly today, my customers cannot bring up the website.
All of my .html files have this "http://analytics-google.info/i/urchin.js" and associated character strings.

Where did this come from, and how do I get rid of it?

pageoneresults

6:39 pm on Jul 11, 2008 (gmt 0)


Hello mlentz, Welcome to WebmasterWorld!

Unfortunately we may need to change the title of this topic to...

My Website has been Hacked

Sql Injection Virus Problem
[webmasterworld.com...]

Wow, they are using the analytics-google string. That should confuse quite a few people. :(

Bummer, that SUCKS!

Take the site offline quickly before any further damage is done.

mlentz

7:06 pm on Jul 11, 2008 (gmt 0)


Thanks. Site already offline, and was backed up today before it was hacked.
Just found out that the President of the company decided that Google Analytics would be a good thing, and signed up for it.
Unfortunately, he failed to tell me about it, and had no idea what the impact would be.

Solution: take computer away from my executive.

pageoneresults

7:08 pm on Jul 11, 2008 (gmt 0)


Just found out that the President of the company decided that Google Analytics would be a good thing, and signed up for it.

But wait, this has nothing to do with Google Analytics. The hackers just happened to use a string that makes it look that way, when in fact, it is not.

It wasn't the boss's fault in this instance. ;)

WAIT, WAIT!

I could be wrong. But, do you see <script>s inserted into your db where they shouldn't be?

A quick search in Google would confirm my suspicions...

"http://analytics-google.info"

This is what I would refer to as GA Brand Damage. The miscreants masked everything in the hack to make it look like a valid GA script. Bummer. Once executed, it's a payload of <iframe>s with some pretty nasty encryption behind the scenes.

Double check, triple check your db. Find the cancer and nuke it!
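
Added example, not part of the original thread: a Python check for the cleanup described above, which lists every external script URL in .html files or database text fields whose host is not exactly on an allowlist, so a lookalike such as analytics-google.info is flagged even though it contains "google" and "analytics". The allowlist contents, function names and sample strings are assumptions constructed for illustration.

```python
import os
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the only external host this site intentionally loads scripts from.
ALLOWED_HOSTS = {"www.google-analytics.com"}

class ScriptSrcCollector(HTMLParser):
    """Collect the src of every <script> tag, quoted or unquoted."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag == "script" else None
        if src:
            self.sources.append(src.strip())

def foreign_scripts(markup, allowed=ALLOWED_HOSTS):
    """Return script URLs whose host is not exactly on the allowlist."""
    collector = ScriptSrcCollector()
    collector.feed(markup)
    collector.close()
    flagged = []
    for src in collector.sources:
        host = (urlparse(src).hostname or "").lower()
        if host and host not in allowed:  # relative URLs have no host
            flagged.append(src)
    return flagged

def scan_tree(root, allowed=ALLOWED_HOSTS):
    """Map each .htm/.html file under root to its non-allowlisted script URLs."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith((".htm", ".html")):
                path = os.path.join(folder, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    found = foreign_scripts(fh.read(), allowed)
                if found:
                    hits[path] = found
    return hits

# Constructed samples: a page with an injected tag appended, and a database text field.
SAMPLE_PAGE = ('<html><script src="http://www.google-analytics.com/urchin.js"></script>'
               '<script src="/js/menu.js"></script><p>Welcome</p></html>'
               '<script src=http://analytics-google.info/i/urchin.js></script>')
SAMPLE_DB_FIELD = 'Blue widget<script src=http://analytics-google.info/i/urchin.js></script>'
if __name__ == "__main__":
    print(foreign_scripts(SAMPLE_PAGE), foreign_scripts(SAMPLE_DB_FIELD))
```

Run `scan_tree` over a copy of the web root and `foreign_scripts` over each text column exported from the database; any hit marks a file or row to restore from a known-good backup.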