Did you ever experienced anytime that your website is acting wiered by loading other website URL’s like (http://imeanit.cn:8080) when you type your website address in the browser? if so, your website is compromised !!
Compromised? my website? YES, it is, from past one year hackers are targetting the medium and small web hosting companies using exploits and injecting worms into the servers. The virus will deface all the websites index pages in the server by leaving no trace. Solution is to secure the server, clean the server with any good antivirus. sometimes virus will be injected from the your computers also into the website. If your computer is affected by a malware, it will monitor the FTP traffic and send reports to the hacker about your FTP and other sensitive information, Hackers will use bots to inject thrid party links into others websites using the hacked FTP information. MHACK is the Application which were used earlier to deface many websites.
Beware of these XSS, CSS and Script injections into your websites.
Some of the tips to avoid script injections:
Do not click on any executable files received from unknown persons, Secure your computer using good antivirus. monitor outgoing traffic and incoming traffc, enable firewall in your local server, do not take shared internet connection from small vendors.
More Information: http://www.owasp.org/index.php/Testing_for_Cross_site_scripting