According to Mashable there are two clues that your blog has been successfully attacked by the computer worm:

There are two clues that your WordPress site has been attacked.

There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account.

Webmasters are asked to update their blogs to the latest version of WordPress immediately. Those that have been hit by the computer worm should backup all files, export their settings, and do a clean install of WordPress. More help is offered at the WordPress website.

Rant:

It’s Sunday and it is time for a little rant. Webmasters who do not update their blogs as soon as a new version of their blogging software is released are acting stupid. A WordPress update usually takes less than ten minutes and ensures that the blog and server is protected from attacks like these. Webmasters who do not have the time to perform these updates should consider switching to a hosted blogging platform like that at Blogger or WordPress.com. The automatic update option that has been introduced in recent WordPress versions makes it even easier to update the blog as soon as a new version is released. Webmasters who cannot do this should not operate a self hosted blog, period.

The ban, which was issued directly by the commander of U.S. Strategic Command, applies to both the secret SIPR and unclassified NIPR nets and includes all removable media including removable hard drives, USB sticks, recordable disks and even floppy disks.

The computer worm that led to the ban has been identified as a virus called Agent.btz which is a variation of the SillyFDC worm which spreads by copying itself on removable media that gets connected to the computer system.

The article reveals several interesting – some would say scary – insights. The computer worm known as Agent.btz is known by most antivirus databases for months at least which leads to the conclusion that the worm is either a variant that cannot be detected yet or that the US Military is running ineffective antivirus software on parts of their computer networks and individual systems.

The second interesting tidbit is that it seems that personally owned, that is non-authorized devices have not been banned in the past.

Eventually, some government-approved drives will be allowed back under certain “mission-critical,” but unclassified, circumstances. “Personally owned or non-authorized devices” are “prohibited” from here on out.

One could argue that non-authorized devices are automatically banned but the system does not seem to have been that effective if a computer worm relying on removable media has spread across the networks.

Now imagine if this would not be just a random well known virus but a planned attack by sophisticated computer hackers knowing what they were doing.. Scary? Yes.