- First you need to change your database password, control panel password, FTP password and Joomla admin password.
- Then search for back door scripts in your index.php and other php files. Use "grep" program or SSH command to search for most common hacking terms.
- Also search for insert , update , replace with grep on your whole joomla website. This will help you find the infected file, if the hacker tried SQL injection method.
- Do a Sucuri Site Check for infected files tracking.
- Download the latest version of Joomla and delete the installation folder from it. Then upload and rewrite all the core Joomla files. This will help you get rid of the hacked core files, if any.
- Use Akeeba SiteDiff to compare your old healthy backup and the new hacked website backup. That will help you track down the infected files too.
- Check for the vulnerable extensions and remove them, if necessary.
- Use JAMSS - Joomla! Anti-Malware Scan Script to find out the malware from your website too.
We have a team of professional Joomla developers, who help lot of such users to get back their hacked websites. If you have been hacked and is clueless, then let us fix it for you!