I am experiencing another type of spam hack - a spam link inside the wordpress's virtual robots.txt
The weird thing is that it appears only on google webmastertools. It doesn't appear when I go to the file directly (through URL and view-source of that URL)
When I googled the specific spam link, I got results of robots.txt of other wp websites.
The spam links interchanges with another link - which makes me realize it's a kind of a script rather than a code that was injected and stays static? I was checking the robots rendering on functions.php but it seems fine.
Uploading robots.txt to the folder overrides the virtual one so it is solved for now. But the malicious code is still there somewhere.
I was hacked before. I was running checks over the files to verify it's clean and replaced my theme files, and had no problems so far. Perhaps it's an old thing that I didn't notice and wasn't cleaned yet. Still haven't replaced all the wordpress installation, that's the next step.
Any idea/experience? I'd appreciate your feedback.
Thanks in advance.