Since scare tactics seem to be at least start thinking about the issue, or what drives some people to take fix wordpress malware fix a little more seriously, let me shoot a few scare tactics your way.
Hackers do not have the capability to come to a WordPress blog once you got all these lined up for your security. You definitely can have a WordPress account especially that one which provides you big bucks from affiliate marketing.
There's a section of config-sample.php that is headed"Authentication Unique Keys." There are four definitions that appear within the block. A hyperlink is inside that part of code. You want to enter that link into your browser, copy the contents that you get back, and replace the keys you have with the unique, pseudo-random keys offered by the website. This makes it harder for attackers to automatically generate a"logged-in" cookie for your site.
Another step to take to make WordPress secure is to upgrade WordPress to the latest version. The reason behind this is that there also come fixes for security holes making it essential to upgrade.
Do your homework and some searching, but if you are pressed for time and want to get this advice try out the WordPress safety plugin that I use. It's a relief to know that my site (and business!) are secure.