Pleased you found the cause.
Edit: Just noticed you are on Joomla! 2.5 - you NEED to go to Joomla! 3.x the entire protection area is much more secure in Joomla! 3.x and jd 3.2 series
I am sure Arno will want to resolve what is causing the problem with your hosting provider. Like most things the challenge is finding the bit that is creating the problem.
To move forward I think Arno will need Super Admin details and probably host site access details.
Maybe you hosting provider can give more details, perhaps you could ask.
As I understand it Blind SQL injection attacks are similar to ordinary SQL injections but a bit more painful for the intruder to do. It seems that to prevent such attacks one method is to send a 'prepared sql statement' to the database; basically an sql statement with the parameters replaced by ? characters. The database the 'compiles' such statements. A separate 'execute' type function is then used to identify the statement and provide the parameter values.
Other methods such as using JInput (used to be jRequest) to extract parameters also helps, jD already uses this.