Get Wordfence and Get "all in one seo"
Remove the plugins and check for dodgy admin accounts.
I think with the settings in AIOSEO you might be able to block this and if not, wordfence will at least email you with the attempted log in and you can block any naughty IP's
Also check your wp-config file as shown in this hack here:
http://www.ageneralblog.com/wordpress/2015/07/22/wordpress-hacked-with-sophisticated-hack/
I've just removed this from 8 sites on my network so any updats or info would be appreciated