I just realized that my moodle install was hacked last Tuesday. I don't monitor the site daily and it has minimal use but by coincidence I looked this morning and noticed that there are a number of words throughout the course that now auto-link to pop-up ads - see image attached. The words linked seem fairly random and happen at all levels of the course (text on resource pages that I created, city names in user profiles (ex: a user profile's city of London has this link but another user from London does not), gradebook links, etc.). Attached is one example.
I looked in the course account and it looks like someone used Guest User to somehow attack the site (Guest access is not enabled in my course) - see attached -- there are hundreds of logs for this 'user'.
How do I fix this?? I am not a techie but I have a techie that can help me. Thanks.