I'm sure you searched here already, but the answer is always the same.
Your blog is hacked so you will need to un-hack it. Here are the boiler plate links.
Once your blog is cleaned out and deloused, give these a try.
My question is how can someone changed my file?
How can i prevent this to happen in future?
No idea how this happened to you. If you are on a shared hosting plan it could have been via an insecure host *cough* NetSol, GoDaddy, many others *cough*. Or you may unintentionally ran insecure code and they got into your files that way.
Follow the advice in the Hardening WordPress link. If you just clean up your blog without locating and closing the entry point, then this will happen to you again.