I was brought on board to help recover a website that was possibly exploited by hackers, a Drupal 7 project. What triggered the investigation? My client was informed that their customers were receiving spam emails from the website.
After a thorough review of the project's code base and database. I found multiple exploits and backdoors. All of the issues/exploits were within the Drupal core. None of the contrib. or custom modules were exploited.