Well, it’s about a Wordpress exploit based on the website cookie, who is very complex and very good made after my oppinion. It’s enough intelligent to make an SQL injection into the database of the blog, to create an invisible user to those who have javascript enabled on their browsers at a simple check on Dashboard->Users, to verify on the server the directories and files chmoded 777, too lookup and execute files with group and root provilleges. Don’t know the name of the exploit and I see there are quite little articles about it although there are a lot of blogs infected.
Read more about it here: http://www.bloggerguide.net/blog-platform/wordpress/wordpress-exploit-giving-backlinks-redirects-and-headaches-but-no-visitors/