Post author says "root" and posts are getting spam inserted into them

On 3 of our websites, we are getting spam inserted into our posts. I’m more of a front-end developer than backend, so I could really use some help figuring out how to stop this.

We’ve had problems with our sites getting hacked earlier this year, but we’ve set up a firewall and had the sites scanned/fixed, we thought things were better.

The problem is someone or something is inserting spam into our posts, like advertisements for jewelry and drugs and stuff like that. It’s usually in a div that doesn’t show on the website, but it’s still there in the code, and sometimes it does show on our website.

I’ve gone through the posts before and deleted them, but it keeps coming back. The posts also started showing the author as “root” instead of admin, or a users name.

Does anyone know how people are doing this and how I can stop it??

Thanks.