There are a couple different ways to monitor your site and be notified if your site was acting malicious, which is a sign of being hacked.
On the service side, you can use the Google Webmaster Tools assuming you are signed up for it and Google is indexing your site.
On a local WordPress plugin side, you can use one or more of the following plugins. I say one or more because each plugin behaves a bit differently, and the signatures they use are different as well. I wouldn’t go overboard and install all of them though.
- Sucuri Security – SiteCheck Malware Scanner – Enables you to scan your WordPress site using Sucuri SiteCheck and verify the integrity of your WordPress site.
- Exploit Scanner – Search the files and database of your WordPress install for signs that may indicate that it has fallen victim to malicious hackers.
- Look-See Security Scanner – Verify the integrity of a WP installation by scanning for unexpected or modified files.