I have about fifteen Drupal7 sites with Greengeeks and fifteen elsewhere. Starting sometime last year about ten of them are getting hacked and malware is getting inserted into core D7 files. They promptly shut me down (including email) until I go through their list of hacked files and clean up the site and change ftp passwords. A week later, they shut me down again and the malware is back. I of course, have all the latest core, modules and theme versions. No custom php code.
Weird thing is this is only happening to greengeeks D7 sites (some also have wordpress, but not all). All my other hosts, even the Drupal-clueless ones, are clean.
Is anyone else having this issue? Is this a greengeeks thing? What can I do?
Thanks for any help,