We found many WordPress websites redirecting to malicious URLs and spam domains. After a deep investigation it turned out to be caused by the vulnerable WordPress OneTone theme. The hack usually takes place in this file: ./wp-content/themes/onetone/includes/theme-functions.php Beside the above file infection, The Hacker also inject a “eval(atob” malicious javascript malware in WordPress database onetone… Continue reading OneTone WordPress Theme Vulnerability