It's still the case for me, I am going to negotiate that the terms are changed. It's ridiculous. I understand if the product I'm working on is a conflict of interest, but if it's nothing related to my current employers field why should they own it?
Our website and 2 of our client websites have been compromised like this in the last couple of weeks and they are all across different hosting providers (Zen Hosting and Unlimited Web hosting)
Here is a link to the code we found injected into the index page on our FTP and my attempt at decoding it.. interestingly enough it does relay to javaterm.com as the authors comprimsed site does as well..
We are fairly certain it wasn't achieved through our code as one of the sites is literally 6-7 pages of static html content.
From what we can tell it only ever effects the index page in the root of a servers FTP. In my case all of the shells were deleted(Looking from the FTP logs there were 2-3 uploaded all with different names)