When I go to my website, I get the following text
“Hacked By BLACK C0D3 & W!LSHERE7 XDz”
I had the latest wordpress install, but now it says the 4.9.5 is available.
This happened a couple weeks ago, so I restored an earlier version and installed/bought the CleanTalk security plugin, thinking it would prevent this from happening, but no. I noticed that it happened again this morning.
On my CleanTalk account page, the latest security scan
Last scan Result (Apr 04, 2018)
Total files 621
Failed files 2
Unknown files 0
The two “failed” files paths are below, but I don’t know what to do about them. Could they be modified recently, but the modified date is wrong?
1) last modified date: Feb7, way before the hack happened.
/wp-content/plugins/all-in-one-wp-security-and-firewall/lib/whois/whois.parser.php
2) last modified date: 2015
/wp-content/plugins/site-is-offline-plugin/site-offline-options.php