The other day I went onto my website (manifest.agency) and it had been replaced by a request to install Wordpress. I thought it was legit, do filled in the form to do so. My website has now been replaced with a new WP blog. I have put up a site under maintenance plugin temporarily.
I can see in cPanel that the files of my original website are all still there but just not being pointed at (or something!! I don't know!!).
I've been in touch with 123-Reg who host the site and they told me the following ...
Hi Adam,
Thank you for reaching out on this.
Your website now displays a maintenance page which seems to have been activated via a plugin.
Unfortunately, it seems that your website contains some malicious files.
I’m afraid that you will need to contact a developer who specializes in malware-related matters to further look into this.
Although our system administrators are responsible for the security of the hosting platform as a whole, the security of each web space is the responsibility of its owner.
While looking at the files from the web space e.g. “bryy88p5.php seems to contain obfuscated code.
A guide that might prove to be helpful in this matter would be: https://sucuri.net/guides/how-to-clean-a-hacked-website/
Ask a developer to check your web space and ensure any third-party scripts are identified and removed and any of the scripts exploited are updated or removed.
If there is anything else we may assist you with, please let us know.
Kind Regards,
Georgiana
Is this something you can help me with? If so, drop me a line.