Following a malware attacking sites using WordPress content management system, Google has blacklisted more than 11,000 domains. It is estimated that around 100,000 or more WordPress websites have been hit by mysterious malware that turns sites into attack platforms. This Russian malware is called as SoakSoak and is impacting most hosts across the WordPress hosted sites.
[leaderad]
There are over 70 million sites that use WordPress content management system and RevSlider is one of the popular WordPress plugins. At this initial stage, it is quite difficult to know exactly how many sites have been attacked by this malware. Dulfy.net, one of the popular game sites was one of the sites that were infected by the malware over the weekend.
According to the website security company, Sucuri, it will be hard to completely eradicate the malware as long as so many site owners don’t know it exists. They will need to remove the malicious code and also update the premium plug-in. Researchers suspect that it is related to vulnerability in Slider Revolution, a popular WordPress plugin. In a blog post Sucuri’s Daniel said,” “The biggest issue is that the RevSlider plugin is a premium plugin, it’s not something everyone can easily upgrade, and that in itself becomes a disaster for website owner. ome website owners don’t even know they have it, as it’s been packaged and bundled into their themes. We’re currently remediating thousands of sites, and when engaging with our clients, many had no idea the plugin was even within their environment.”
Google has blocked the domains to curb the damage. This malware is modifying file in WordPress wp-includes/template-loader.php that makes it so a JavaScript file, wp-includes/js/swobject.js, can be loaded onto every page of the website. It is suggested to update the RevSlider to the latest version or remove it as soon as possible. Also, clean the admin user list from database and re-install WordPress to replace the infected files by the malware.
Sucuri estimates that the WordPress websites impacted by this attack could be hundreds of thousands. If you believe that your website has been attacked by this malware, you can get it scanned here. Click here and scan website. What do you think about this malware affecting WordPress websites? Let us know your views in the comments section.
