Keylogger injection campaign covered 2000 WordPress-sites