1) Update the scripts installed in the affected account along with all plugins, modules and themes to their latest versions. That will fix the vulnerability so hackers cannot compromise your account again. You can perform those updates from the admin panel of the script.
2) Change all passwords to hard to guess ones. You must change the FTP password, the password you use to login to the admin panel of your script and the password of the MySQL username the script uses to connect to the database.
3) Check the list of the affected files above and take actions to remove the malicious code from them or delete the files completely.
4) Activate automatic updates in your script for the core, plugins and themes so you do not have to do it manually and your script always runs the latest version. That will keep your website secure at all times.
5) Use latest stable PHP version for your web site software.
6) Delete passwords from all FTP clients and do not use the Save Password feature. Update the FTP clients to the latest versions.
