Our site just got hacked like this. that “eval base64” thing was on over 20000 files, but it wasn’t just that same code over and over, it was always different. So here’s how i fixed it:

I downloaded everything in to a folder. I used Notepad++ to find and replace with a blank in all files and subdirectories the following regular expression:


that’s it.