There are several signs that indicate your WordPress website may have been hacked:
- Suspicious redirects: If your website starts redirecting visitors to other websites or pages that you didn’t intend, it could be a sign of a hack. Many WordPress contaminations in 2023 trigger malicious redirects.
- Unusual issues reported by Google search console & spam keywords in Google search results – most times it’s Japanese keyword hack.
- Google warnings: If your website suddenly displays a warning from Google that it may be unsafe, it could be because it has been compromised by a hacker. Search results may show “This site may be hacked”.
- Strange pop-ups or ads: If you start seeing pop-ups or ads on your website that you didn’t place, it could be a sign that your website has been hacked.
- Unauthorized access: If you notice new user accounts that you didn’t create or if your own login credentials are no longer working, it could be a sign that a hacker has gained unauthorized access to your website.
- Unexpected changes: If you notice any unexpected changes on your website, such as new suspicious PHP or JS files, pages or content that you didn’t create, it may be a sign that your website has been compromised.
If you suspect that your website has been hacked, it’s important to take immediate action to address the issue and protect your website and its visitors.
Next you should quarantine your website(s): take your website(s) offline or restrict access to it immediately to prevent further damage.
What to do if your WordPress website is hacked?
https://guides.magefix.com/2023/02/wordpress-website-hacked/