This wordpress site was ridden with malware. I didn’t realize it first. The site was working fine. There was a high bounce rate in Google Analytics. I didn’t realize until Adsense and some other plugins showed issues. One of my other plugins also connects to its server and it was showing problems.
The problem was that whenever a user comes from Google or a search engine to my website, they are being redirected to a pharma website. I didn’t realize this first until I searched for my site in Google. Fortunately my site wasn’t blacklisted by Google for SEO scam.
At first I thought that it might be some of my plugins or themes which might be causing the issue. So I disabled all plugins, changed themes. But the issue remained.
My Malware Solution
I don’t know what I did is technically the right thing to do. In my dashboard, went to updates (wp-admin/update-core.php) and simply did a reinstall.
After reinstall Wordfence was able to run the malware scan again and it easily found the possible files which was infected and cleaned it up.
I hope that this helps people out there.