WordPress site getting "hacked"


I have a very strange issue that I’ve been encountering with a client’s website. Every so often, the website gets “hacked”. The only noticeable issue with this hack I’ve observed is that the admin name is changed and the site logo disappears. I am able to change the admin name back from the wp-options table, after updating the passwords. When I check, there are no new plugins installed, no redirects in the htaccess file, no additional files anywhere in the WordPress directory. I also have WP Defender active with audit logs on and WP Defender has never detected any issue or failed login attempt.

This site is hosted on a shared server and I am of the opinion this issue is caused by some other site there being hacked. Unfortunately, this server is of the client’s choosing (and they have at least one other site with the same provider) and I can’t get them to move.

I wanted to know if anyone has any suggestions on how I could check for possible issues and then resolve so this doesn’t occur again.