What is MALWARE-OTHER nikjju script injection on this site?

Niktu script injection is a mass SQL: injection campain and an IDS alert for the IP was found also for this url: http://urlquery.net/report.php?id=3500227
Site passed the BING & GOOGLE MALWARE test, the Google bot test, and failed on hostile strings, naturally failed the generic webbot test and is being blacklisted:
http://www.yandex.com/infected?url=2009.npe.org&l10n=en
On Niktu script injection: http://www.ahmsta.com/2012/04/nikjju-mass-injection-campaign-target-more-than2-millions-urls.html link article author = Ahmsta
Here the malware campaign is connected to the Lizamoon one: http://www.ahmsta.com/2012/04/nikjju-mass-injection-campaign-target-more-than2-millions-urls.html link article author = Niels Provos (credits for his sites aggregation) Provos’s conclusion:

For future studies of malware infections, I suggest taking the number of infected sites as a more reliable measure than counting the number of infected URLs.

See: http://scanurl.net/?u=http%3A%2F%2F2009.npe.org%2Fattendee%2Fpress%2Fphotos.asp%3Fid%3D4&uesb=Check+This+URL#results
See the external elements scan here: http://zulu.zscaler.com/submission/show/ed97e9e7cfff45b19ed5752dcad20a0c-1372849484
e.g. https://www.virustotal.com/nl/url/eae715faba4d00a88cf4d964e1e4361f9289b913d55c0c72b03b4edf8440cc5f/analysis/

https://www.virustotal.com/nl/url/afdc02209022e77f79681484b7463b0becdff7395a7c867fb1161a4b705fdae1/analysis/

https://www.virustotal.com/nl/url/390343e9196cfd8e7b8b4e5bd6fc2b23d0a4599f1ee4d44748b9782d1db2612e/analysis/

https://www.virustotal.com/nl/url/be1312389b4622d824a6d94a43b3181a6103192149c1f5c3e1b9cb87bd0e26df/analysis/

For an oversight see: http://jsunpack.jeek.org/?report=08df86c193772807e383ebe285928ddee17d9731 (visit with NoScript active and in a VM/sandbox -
link for the advanced security aware)

polonus