Magento Open Source 2.2.x
Security Action Plan

If you suspect that your site is compromised, follow this action plan without delay.