Good to hear you at least found a symptom of the hack. That's a good first step.
1. Next, I recommend you contact your web host.
If your web host maintains daily and weekly backups, hopefully they will be able to recover your website from prior to this event.
Once they do so, you'll want to make sure all of your passwords are changed and likewise ensure all scripts on your site are updated.
2. Web host has no back-ups
Ok, so your web host has no backups (which is pretty much criminal in the hosting biz). If this is the case, you'll need to log into your website via FTP and start looking around for newly dated files, then work to remove any hacker code you find in them.
3. After action?
Well, once you clean things up it's time to start looking at future solutions. Proactive security is your friend.
_x_ Check your scripts for version updates at least once a month.
_x_ Only host with a web host who maintains "weekly" backups and who does not charge for backup recovery.
_x_ Install Bulletproof Security and File Monitor Plus so you'll know when changes are made to your website (and it's free).
_x_ Change your WordPress admin pass and FTP pass at least quarterly (mark your calendar).
So these are the basics. You can do a lot more by only hosting with web hosts who make security their top priority (i.e., discuss security on their home page, etc.).
Otherwise, I hope all goes well with you.
Also, see the usual malware clearing how-to links: