Hello I hope someone can give me some help with this problem, I know multiple people are facing this issue, which seems to have surfaced last week (this string at least):
My .htaccess files on my web server are being repeatedly injected with redirect code, to Russian malware sites. For instance, the first redirect was to "brend-store.ru". I quickly removed the redirect code from every .htaccess file, and that fixed the problem temporarily. However, about everyday (besides Saturday/Sunday- do hackers need rest too?!) the .htaccess files are injected again, and I have to repeat the same steps.
At this point, I don't know if this is a FTP password stealing problem/trojan virus on my computer, or if there is some hack code in my websites' files that is allowing these attacks.
Anyone have any help? I am becoming desperate.
FYI: I am resetting my FTP passwords daily, running antivirus scans multiple times a day. This seems to be directly related to WordPress users, so I am guessing the hack is coming/came through WP somehow.
Thanks for any help!