Sucuri Security Notice
A malware breach has been reported by Sucuri labs -> http://labs.sucuri.net/db/malware/malware-entry-mwjsgen2
Please make sure to have prevention tactics in place. This is not an Avada related issue but a result of security breach as mentioned here -> https://blog.sucuri.net/2015/11/jquery-min-php-malware-affects-thousands-of-websites.html
Firstly, we would like to clarify that this is not a theme related breach or specific to Avada. The Avada core files are malware safe and secure. Malware can however be injected into the reported file via insecure 3rd party plugins, insecure shared hosting amongst other methods.
A hacker is targeting minified scripts to inject and hide the malware. Thanks to Sucuri, this is not possible anymore. As further precaution, you should also look at ANY other minified script within the plugins or other themes which are not active within your installation. This is because Sucuri only scans the scripts and files of the active themes and plugins.
Explanation of the issue by Sucuri:
How to test your site:
Please use the Sucuri scanner here -> https://sitecheck.sucuri.net//
The affected file is as follows -> themes/avada/assets/js/main.min.js
It is also important to note that a fresh download of the latest version of Avada via your Themeforest account is 100% malware free.
How to resolve this if your site is infected:
Method 1 - Replace the following Avada file only -> themes/avada/assets/js/main.min.js - taken from a newly downloaded Themeforest copy of Avada
Method 2 - Replace the entire theme with a newly downloaded Themeforest copy of Avada