One of our user’s site was infected with malware today and the scanner found it.
The theme files on this site had hidden code that injected the following hidden HTML code (link to a bad site):
It also modified all the “wp-config.php” and “index.php” files and injected malicious code in there.
Here is an example screenshot of some malicious code which was found in the wp-config.php file:
Similar code was also dispersed in various index.php files located in a number of WordPress core directories.