The following is a list of common symptoms that occur when a site is infected with malware. If you see something wrong with the behavior of the site, please refer to these symptoms and perform a malware scan.
Symptom 1 Site redirects to another site
A redirect is when a page is redirected to a site on a different domain than the one originally accessed.
This redirect hack can occur in a number of ways, such as using the COOKIE mechanism to recur after a certain amount of time, redirecting only to traffic via Google search engines, occurring only when clicking on a link on the site, occurring only when viewing the site on a smartphone, and so on. There are some patterns.
The redirects may be to fraudulent sites, sweepstakes sites, or sites where hackers want to illegally increase the number of visits.
Symptom 2: Only certain pages of the administration page are inaccessible 403 or 404
If the site looks fine, but the page to log in to the administration page is not displayed with a 403 or 404, or if you can log in but cannot access only pages with a php extension, HTACCESS may have been tampered with and is infected with malware. If this is the case, HTACCESS may have been tampered with and infected with malware.
Reference
WordPress HTACCESS has been tampered with and access to the admin panel is impossible.
Symptom 3: The server management company notifies me that I am a spammer.
There is a type of malware that can be used as a stepping stone to send spam mails.
This type of malware mechanically sends thousands of spam e-mails through your site, which may cause your domain to be recorded in the e-mail software as a spammer and prevent you from sending legitimate e-mails.
If a malware program is being used to send spam, it is likely that a vulnerability in the plugin has been exploited by a hacker or the administrator’s privileges have been seized.
Symptom 4: The site suddenly stops displaying, only strange strings of text are displayed, the layout does not load and the site is greatly corrupted, or the site displays abnormally slowly.
Many of these display errors can be caused by updating plugins, themes, or even editing the site’s Fucnctions.php incorrectly, but sometimes low-quality malware code can cause errors on your site and result in display problems.
Symptom 5: Unrecognized users are being added.
If you see a user with a random string of characters and a strange email address added to your WordPress admin page or user list, it may be an unauthorized user who was registered as an administrator by a hacker.
Being able to log in to WordPress with administrator privileges means that they can edit and write files, which makes it easy to embed malware.
Free WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].