Every user account with access to your hosting control panel, CMS admin dashboard, FTP/SFTP credentials, database, and even your email accounts associated with the domain should have its password changed immediately. Use strong, unique passwords for each account.
Understanding how a defacement like this happens is the first step in preventing a recurrence. The specific intrusion method used by Mr.QLQ is not publicly documented, but based on the nature of the attack (a homepage replacement), we can infer the most likely attack vectors. hacked by mrqlq link
: Search engines prioritize user safety. If Google or Bing detects injected links or defacement payloads, your site will be flagged with a warning page ("This site may be hacked") or removed entirely from search results. Every user account with access to your hosting