Description:
Malware injections related to massive hacks of websites hosted on Rackspace and Mediatemple back in 2010-2011
INjected scripts load iframes from multiple sites (eg. hxxp://div.electronicscommission[.]com/in.cgi?2, etc).
Typical injected code
< script type="text/javascript" src="/wp-content/plugins/lightbox-plus/css/teal/audio-player.php"></script>
Affecting: WordPress websites. Mostly on Rackspace and Mediatemple.
Mitigation
How to clean a hacked WordPress site