Hi, basically, everywebsite on my hosting (around 15 sites) have all been trashed with this base64 code and its in everysingle php file. It is also creating unsecure google redirects when you click on the site through google formatmediaonline.co.uk (type in 'advertising photographer cornwall' and it'll be on the first page (should be no.1))
I spoke to my hosting company (BlueHost) about the unsecure redirects and they claimed it was google, so i spoke to them and they claim its the hosting company, so i spoke to them, and they said it was out of their scope. Then i looked in some php files and discovered this mass of base64 absolutely everywhere. I got back in touch with the hosting company (they didn't even notice it until i linked them) and they are saying its a plugin or theme with inproper code thats causing the malicious attack.
Can anyone help with this or help identify the problem?
I'm using theme atahualpa for all the sites and the only plugins that i have installed on all the websites are;
All in one SEO
Custom page order
Simply Show IDs
Obviously each website has its own plugins but these are the only ones that are found on all the websites. All the plugins and the theme is kept up to date, and i always ensure when a new issue is released i follow the instructions clearly and if i have a problem, i get in touch with an admin (gold member with atahualpa)
If someone could please help that would be great =/