Happy New Year,
as best that that could mean to you given the circumstances. i just read your post where you stated you were hacked. that is truly unfortunate. i have posted this many times and will just try to summarize it for you, and explain how and why sites get hacked.

shared environments where hosting is $1.99 (as an example) is the most prone to end up having sites hacked. why you might ask, well there are no script kiddies that are goin to pay for a dedicated server or vps server, for see more one, they dont have the funds. so they pool their pennies together and pick up a hosting account for $1.99 for a month. it will only take these kids about 30 mins and they own half the sites on a server on a shared environment. how you ask, well its simple, remote shell script. the setup the account on the shared host, they load up a remote shell script, and once that is loaded on the server they start navigating across the hard drive or root of the server. now this will not allow them to actually damage the server, however, this does gain them full access to any and all files that are in the /home directory. so once they navigate across the server, they are moving this remote shell script with them, planting it on each and every account they access. as they are doing this, there are others who are posting that a server has been compromised and they come in droves.

the phishing files you speak of is just another way of the kids accumulating funds, once the remote shell script is installed on lets say oh 3000 hosted accounts, the will then start selling the domains and the root login of that remote shell script. now the ones who are doing the phishing, are mostly from UK, Russia, and India, where cyber laws are non-conforming to the rest of the world, and they can get away with this type of behavior.

now this leaves you as the unknowing victim. host finds out or is reported to that you have phishing content on the server. you of course had no idea it existed, and this is from shear ignorance. you should read your server logs, or hire an admin to at least review your logs on a daily basis. had you been reading your log files, you would have noticed several 404's to start with, and the fact that calls were being made to obscure directories and subdirectories on your server should have raised a flag.

now how do you prevent this. get off the $1.99 hosting. as upset as you are about your site being down, this could have been prevented. reading the developers server requirements before jumping headlong into this and thinking you are getting a deal when you get your $1.99 hosting account. im not trying to bash you, just want you to understand that the accountability is not solely on the server, or the server security, this is a burden that must be carried by both the client and the host.

Regards,
Happy New Year All
DosDawg