Do you use the web interface to Awesome Miner? If so, change the port and reset all passwords to very long tough passwords. Do you have multiple accounts in Awesome Miner?
Do you use the cloud service with Awesome Miner? Change the passwords there as well.
Now, the remote site... what kind of firewall do you have there protecting your machines from the internet? What ports do you have opened or forwarded?
I do not use the web interface. I only have 1 acct with awesome miner. I do not use cloud service. I do have a firewall in place. No open ports or forwarded ports.
Further diagnosing. I reinstalled firmware on miners and changed the password to those 2 miners and this seems to have fixed the issue. Will update if anything changes. I now am fairly certain the vulnerability was through Awesome Miner as that program had full API access.