There’s a new malicious software or better known “malware” that is currently on the leash, injecting itself into wordpress installations.
The virus which is known as the “Mal/Badsrc-C“, as the computer security firm Sophos detected it, is primarily found in the file ‘index.html’. It is said that it was planted in such a way that it would only execute itself if it recognize that the user visiting the webpage or a blog was running an Internet Explorer.
http://www.techsterr.com/2011/09/wordpress-malware-alert-malware-spreading-infects-wordpress-installations/