My client was getting spam blogs from time to time, and was deleting them manually. I tried to run a WP Checkup for theSLN.com, but it reported it couldn't publicly access the domain. Thought the next best move would be to install Defender, and let it perform the scan. It reported 2 suspicious files /wp-includes/error_log, and /wp-admin/error_log. I didn't make any changes to these.
I disabled the pingbacks, and then received an email from the client that the blog page was down. I went back to the site, and all but the landing page are now down.