A few days ago, we received a hack removal request for a WordPress website using both Malcare and WordFence; it kept getting hacked and injected with Japanese spam malware repeatedly. The site owner told us that he found two scripts injected into his WordPress site; the first one was located under the site's root directory with the name sw.js, while the other was sitting under wp-includes/js directory with the name font.js. The owner also mentioned that they suspect there is a backdoor which is used to keep infecting their site again and again. While auditing the site for malware, we immediately confirmed the site owner's findings; we … [Read more...] about The free.xjs.lol Spam Injection WordPress Malware Cleanup