My asp.net site was hacked last week. I found a user I never put there that had administrative privileges, which I am pretty sure is how the site got sprinkled with a number of asp. php, and web.config files that were not supposed to be there, and also the main web.config file had been altered with a redirecting thingy. The site uses asp.net controls for all queries (so they are parameterized), and has only aspx pages, and a couple of html pages.
The purpose of the hack was to redirect any links to my site generated by search engines to other sites.
I have cleaned out all the offending files and seem to have the site back in working order.
My site is low traffic -- maybe 50 visitors a day. So it seems to be to be a lousy target for a hacker, which makes me conclude that it was likely some kind of automated hack. I can't believe an individual would have sorted through the site adding files here and there, and modifying some files. It just would not be worth their time.
My big question -- how would someone (or even more-so a bot) have been able to create a user with administrative privileges??
I'm thinking it is likely a host problem, but of course they say only my site has reported a hack.