If you have been attacked don't feel bad as an Internet search of "b.js" reveals tens of thousands of hacked sites.
The attack cleverly appends a series of SQL commands onto your querystrings and if your code is unprotected, and you don't use Access databases, the commands may be passed on to your SQL server and the damage done.
However, this attack could render your website as "unsafe" in search engine results.
Reversing the Damage
We are also extremely fortunate that the changes can be easily reversed with a few changes of the attackers original SQL commands.
Simply execute the following to clean up the damage. If you have been attacked multiple times (ie. you have multiple script blocks appended to your SQL data) then you will need to execute the following script for each attack.
Get the latest posts delivered to your inbox.