The chance for a malware or virus attack on a Linux server is very low. Normally files uploaded through an infected machine will be the culprit . In such cases , you need to change your Cpanel and mysql password first and then perform a detailed scan on your machine with updated anti-virus. Once the machine is confirmed to be secure, download the webcontents and then remove the malware entries and upload it back. Stop the habit of storing site login credentials on applications like ftp client or web browser. Some viruses are capable of capturing them and upload malicious contents to the server. Also ensure that the installed applications are safe and secure.