Thread:Project:Support desk/Please advise on what is happening/reply

None of your links are working (also "static" links like to the RecentChanges page), because they miss the base URL. Having a look at the Recent Changes page for example you have spam in that page at places, where it cannot be put, if the attacker was just using the web interface.

This is not only a spam attack (where people create or edit) pages to add spam. Your wiki seems to have been hacked.

You should disable access from the web and check the situation. Then you must close the whole through which the attacker came in. This whole can also be some other software on the server (it must not necessarily be MediaWiki). Server logs (Apache Logs/FTP Logs) might be helpful to find out what went on. Having a look at the symptoms I guess that someone is able to manipulate the files on your server, e.g. the PHP files. A common place where you might find malicious code is in LocalSettings.php, maybe in some obscure way like decode(base64(...)). But it can be placed basically anywhere.