We found many WordPress websites redirecting to malicious URLs and spam domains. The hack usually takes place in this file:./WP-content/themes/onetone/includes/theme-functions.php The Hacker also inject a eval(atob malicious javascript malware in WordPress database onetone.php. The hacker also injects a malicious Javascript malware into the WordPress OneTone theme. The Hacker has also injected a malicious JavaScript malware into a WordPress database.”]