via blog.sucuri.net => original post link
During a recent investigation, our malware remediation team encountered a variant of a common malware injection that has been active since at least 2017. The malware was found hijacking the website’s traffic, redirecting visitors via a parked third-party domain to generate ad revenue.
Investigating obfuscated JavaScript
Our investigation revealed the following piece of obfuscated JavaScript which was found injected into random legitimate JavaScript files in the environment.