There is a nice little way to deal with those “júhuā” through IP Rules (blocking via .htaccess merely block web browser access, not for example FTP or SSH).
If you have cPanel hosting, don’t really care if certain foreign countries have any access to your web sites, and have noticed an upswing in SQL injection or other hack attempts, you might consider using the IP Blocker functionality to deny access to all from any related IP ranges.
18.104.22.168/8 (and several others that come from the same place) can no longer access my sites. Blocking a range of IP addresses can be more effective than blocking just one IP address because the hackers typically switch addresses after hacking to get around blocking, but they normally must use another address from the same group. I will watch for other fools and block them when they appear also.