Your website is infected by Malware.
Hackers are using your WordPress website for ‘spamvertising.’
This causes an insane traffic spike. Spam emails are sent from your server with links to existing or new pages that are created by the hacker.
Spamvertising can vandalize blogs, websites, forums, and comment sections with hyperlinks to get a higher search engine ranking for the hacker’s website.
In some cases, an attacker will decide to use your web server as a platform to launch attacks on other websites. This is relatively rare based on Wordfence respondents, who only reported this happening 0.7% of the time. (and it’s your case as I see)
The first thing to do is to install GOTMLS free plugin and scan your website, then check your database for admin users added by malware.
Please attach a screenshot of GOTMLS scan so I can tell you what you need to do exactly.