New Virus from the domain “ js.donatelloflowfirstly[.]ga “ is infecting many WordPress sites

This is an advertising injection/redirection javascript which sends your visitors off to malicious domains. The javascript in question is injected into EVERY post on affected sites.

Our clients should be automatically protected against most javascript injections such as this (but let us know if you see something like this on your site!).

A quick search for “donatelloflowfirstly” will bring up a bunch of sites which are affected – and a few with instructions on how to clean up the mess.

Posted in Hack, Vulnerability.