It's excessive if your goal is _solely_ to execute a repeating AJAX request. But, if I'm understanding the attack correctly, this script is injected _in place of_ jQuery requested from Baidu's CDN. If you want the affected sites to appear normal, so the users whose browsers you are highjacking will contribute to the DDOS for the longest possible period, then you want to ensure that jQuery does indeed load.
The OP further clarifies why jQuery is injected _twice_: seems the injection is occurring only for 1% of requests. So it appears the code is looking to see if it has triggered the injection itself, and fires another request if needed.
The OP further clarifies why jQuery is injected _twice_: seems the injection is occurring only for 1% of requests. So it appears the code is looking to see if it has triggered the injection itself, and fires another request if needed.