I have a linux reseller plan on hostgator and recently I received a warning from Google accusing phishing on one of the sites, over the course of the week I was getting notice to all other reseller sites.
We have already tried to clean up some sites and restore a backup and change passwords, but still the problem always comes back, folders with malicious content are created inside the hosting and if we delete them they are created again after +/- 1h. / p>
I wonder if one site might be infecting the other within my reseller because we even left one of the sites with only a basic index.html, no wordpress or anything, but still no malicious content folders appeared again. / p>
I would also like to know if the machine can be in the hostgator that is infected and is passing this to my sites.
I do not understand much of it, I had never experienced something like this, any help is welcome.