If malicious files are created right after you delete them, then a malicious Cronjob may be the cause.
Otherwise, a UNIX process that runs as a background task may trigger the hack.
In this particular case, we’ve identified a bad Cronjob.
Malicious PHP file keeps getting automatically added? Here’s a fixRead More »