Just had a similar attack myself. I don't use wordpress but need php for form submissions. Someone injected an index.php file into public_html that prevented index.html from being read. Removing index.php didn't work as it kept coming back.

I found another, similar file called template.html in a subfolder and also noticed that index.html had the wrong file size. Deleting the template.php file and uploading a good copy of index.html seems to have worked, but I've also made public_html read-only.