BuddyPress.org

You most likely have a trojan on your computer that stole your FTP passwords. If you are on a windows PC take a sledge hammer to it and get a MAC. <– just kidding. You should run some anti-virus and change all your passwords ASAP.

https://codex.wordpress.org/FAQ_My_site_was_hacked
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Only way your files can get written to is by someone getting your FTP passwords or has access to server. That is easily done if you get a virus/malware on your computer. Is somebody else accessing the FTP on another computer? Also, bad themes and plugins can do this as well. NEVER use a plugin or theme that was not from a reputable developer or from the WordPress repo.