See FAQ My site was hacked in Codex, but really unless you are completely confident you can deal with check/cleanup/secure yourself – your only remaining option is to get/hire someone to do that.
Sorry to hear. You may want to look through the steps and suggestions in this WP Answers post: Verifying that I have fully removed a WordPress hack?
I don’t know what happened, but you can locate the script with grep command. I went to /var/www/ and run grep -r “2819371938193817109948281937271937” *
Over the years, I have developed a process/procedure to recover a hacked site. While backups are good, it’s not always clear that a backup is ‘clean’ and not hacked. My process includes reinstalling all code (WP, plugins, themes) manually (themes/plugins via FTP from known good source, WP via the ‘update again’ on the Update page), … Read more
If you have checked your database entry of the page/article, you will see that it is a issue on Database side, or by any means there was restoring going on because of the crash, that could be an issue or a restoring plugin/script with a bug why a simple character as ‘ gets messed up. … Read more
The malware stores an array of PHP fragments to execute at the bottom of its own file, delimited and encoded using the MD5 hash of the filename. It has a specific GUID to control it; on start up it checks all POST and cookie values for properly-encoded commands: PHP serialized arrays, XORed with both the … Read more
There are many ways to infect a site – and many ways to hide that infection from the ‘popular’ security plugins. One way to detect malicious code is via a file-hash-compare function. You may need to write your own though (I did, but it’s not perfect). That function would compare each file’s hash with a … Read more
Is there a malicious code inside my wordpress site? Probably. Carefully follow FAQ – My Site Was Hacked – WordPress Codex. Then take a look at the recommended security measures in Hardening WordPress – WordPress Codex and Brute Force Attacks – WordPress Codex Change all passwords. Scan your own PC. Tell your web host you … Read more
You should be able to back up your site through your hosting control panel. This is a better option than adding bloat to your WP install to duplicate functionality you already have elsewhere.
Is the malware in each post in the database? If so, something is inserting it, so you need to fix that first. Lots of googles/bings/ducks on how to remove malware from a WP site. (I have my own procedure here that I use for clients: https://www.securitydawg.com/recovering-from-a-hacked-wordpress-site/ ; there are others.) I’d do a thorough cleanup … Read more