One of the most pernicious myths about WordPress is that it is vulnerable to hackers. As the most popular Content Management System, running almost 60% of all websites that use a CMS, there will always be some WordPress sites that are no longer actively maintained or whose owners are simply unaware of what they need to do, so, yes, we will keep hearing about WordPress sites that have been hacked.
The truth is, however, that the huge and extremely active WordPress community, who follow the latest security trends and spring into action whenever a vulnerability is discovered, make the most secure CMS if you follow a few simple steps.
Here are a couple of plugins I always rely on for identifying and fixing malware on hacked WordPress websites.
Even with these tools, ridding a hacked site of malware and malicious code is not a task for the faint of heart. If you want to leave things in the hands of professionals, I recommend that you trust Sucuri to clean your website and restore it to its former glory.