The virus actions upon WordPress platform by inserting a .PHP file in the root of the installation directory and then it connects to the database. On a successful connection various blog posts are modified with long lists of spam links masked with CSS. (the visitors cannot see them, but the search engine robots index those links). As a consequence, you will have to manually check all of your posts and remove the link after the .PHP file removal. The most simple solution to check the affected posts is to create an xml file of RSS feeds from all of your posts and view them in an RSS reader. The rest of the article is available here.

Thanks for sharing this info.