WordPress Security – Unwanted Redirects via Infected JavaScript Files
We’ve been watching a specific WordPress infection for several months and would like to share details about it.
The attacks inject malicious JavaScript code into almost every .js file it can find. Previous versions of this malware injected only jquery.js files, but now we remove this code from hundreds of infected files. Due to a bug in the injector code, it also infects files whose extensions contain “.js” (such as .js.php or .json).
Read more: WordPress Security – Unwanted Redirects via Infected JavaScript Files
Story added 4. April 2017, content source with full text you can find at link above.