Two of my wordpress sites, both on the same account, have been hacked and I can not find out where it comes from. I have searched all possible sources to find something similar but found nothing. I tried the usual and turned off all plugins, tried to spot something by screening the files and folders, searched for .exe and iframe but came up short again.
The hack can only be seen in the source code of the sites. At the bottom of the page is a huge list with links that have been injected in a very clever and potentially dangerous way. I say dangerous because when I look at the Google webmaster tools, there is no maleware detected on my sites but id I check what Google sees, I can see ONLY the list of links! All other content gets suppressed by the hack.
I tried Exploit Scanner but it only runs in circles and says 0 files scanned.
Here are the two sites: http://www.accommodationkohtao.com and http://www.island-cruises.org. Any help is much appreciated.