Krishna is correct. What you have posted in this topic up until now is misleading and could cause more harm than good. You said:
If I can remove the infringing code that is injecting the nonsense into the <head> I believe I will have fended off the attack.
This is plain wrong and potentially damaging. Have you never heard of hacker back doors? Have you reviewed https://ottopress.com/2009/hacked-wordpress-backdoors/ ?
It seems this particular attack either targets a WP vulnerability or a server side vulnerability.
There are no known security issues in WordPress 3.5.1. If there were, we’d all be using WordPress 3.5.2 by now. As to whether this was a server side vulnerability, you would really need to discuss this with your hosts once you had identified the attack vector and timestamp. Otherwise it is an unsafe assumption.
I have WP sites hosted with different hosts in different countries, they’re all hit!
The recent mass attacks targeted multiple hosts worldwide, so that’s no proof of anything.
I’m merely trying to contribute and help find a solution to this problem
Did you working your way through these resources:
https://codex.www.ads-software.com/FAQ_My_site_was_hacked
https://www.ads-software.com/support/topic/268083#post-1065779
https://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
https://ottopress.com/2009/hacked-wordpress-backdoors/
Did you also review the additional resources:
Hardening WordPress
https://sitecheck.sucuri.net/scanner/
https://www.unmaskparasites.com/
https://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
your response is extremely unhelpful.
Krishna is a respected moderator on these forums with a proven track record in approximately 30,000 support topics over 12 months or more. Whilst no one is ever infallible, I have personally never seen him give anything other than solid, helpful, advice. Whilst his answers may not be what you want to hear, I suggest you do listen to him.
