However, the spread if this is via SQL injection, so as long as those sites are insecure, it will keep going..