Recently i found some phishing files (PHP/HTML) on my server which were previously not present. I deleted them but later another set of files reappeared.
This is happening for all the sites hosted on my server even after changing the admin panel and FTP credentials .
My Question:
Is it possible for someone using some nulled software to get my server ftp credentials and put those files in the server?
