Suspect this may be malicious

Was getting random gibberish php files on all my sites. Spent much time over a year trying to stop including scrapping all my work and starting every site over from scratch after changing all ftp credentials, etc. Did not want to think it could be WP Bruiser, but eventually that was the only variable. Removed it and haven’t had a random php file appear on my server since. Sites load noticeably faster now as well. At the very least, this plugin places a large burden on your server. Wish I had more evidence, but I’ve seen enough that I won’t be placing this plugin back on any of my sites.