Common practice is to not directly infect sites, but rather hide malicious content there and redirect to this malicious content from other infected sites. One method of redirecting to such content is modification of the .htaccess file which, under certain conditions redirects to the attacker's content.
Severity
MEDIUM