via forums.cpanel.net => original post link
I recently noticed my server domain public_html index.php and htaccess file is overwritten by someone without permission and the same thing happens on several subfolders.
On some websites, new subfolders are created on public_html all of them have index.php file. Sometimes WordPress related folders are created.
That updated index file has this on public_html