I’ve been hacked again. When you search for “tiara org” or “tiara blog” on Google, and click on the tiara.org/blog result, you get directed to a lovely site pharmacy.multifind24.com, full of spammy spam spam.
Fixing this has been.. frustrating. I have a totally updated WP install. I have fresh passwords on everything. I installed the Ultimate Security Checker plugin (which is pretty great) and followed all the steps (I now get an A). I get a perfect score on the Sucuri security scan. I went through this post about the pharma hack and this post about the pharma hack and followed all the steps (none of the compromised files were in there).
So.. now I am a bit stuck. I searched for pharmacy.multifind.24 with hack, wordpress, hijack, and didn’t find anything.
I will update this post if I figure anything out.