WordPress websites are being targeted by SoakSoak malware

“Hundreds of thousands” of WordPress websites have reportedly been infected recently by malware that continues to spread to even more sites. The malicious software goes by the name of SoakSoak and is currently causing quite a ruckus on the internet. Google is blacklisting the infected websites because they tend to infect the machines of users who visit them. As of Sunday, more than 11,000 domains had already been blacklisted by the search giant, but that number is now well over 100,000. If you try to access one of the infected WordPress websites, you will most likely receive a warning from your browser that advises you to turn back, and you should definitely do that if you don’t want malware on your device.

As for why this happened now and why it’s only affecting WordPress sites, security firm Sucuri says that it’s all because of a third-party plugin called Revolution Slider, or RevSlider. The firm says that it discovered a serious vulnerability in the plugin several months ago which was never fixed by ThemePunch, the plugin’s developer. ThemePunch admits that it had been aware of the vulnerability since February and quickly proceeded to update the plugin with a fix. However, the company did not make an official announcement giving more details about the matter, fearing that “an instant public announcement would spark a mass exploitation of the issue.” As a result, most WordPress webmasters never updated the plugin because they didn’t know about the problem.

To make matters even worse, many didn’t even know about RevSlider before these attacks, as this is a premium plugin that more often than not gets bundled into themes. “Some website owners don’t even know they have it as it’s been packaged and bundled into their themes,” Sucuri wrote. “We’re currently remediating thousands of sites and when engaging with our clients many had no idea the plugin was even within their environment.” The only way to stop these attacks for now seems to be to simply use a good firewall. At the time of this writing, WordPress had not commented on these attacks.
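Because the plugin often ships inside themes, an inventory of the site's files is the quickest way to learn whether a copy is present. The script below is an added example, not from the article or from Sucuri; it assumes copies keep `revslider` in their directory name and carry the standard WordPress `Version:` header, and the tree it scans in `demo()` is constructed.

```python
import os
import re
import tempfile

# WordPress plugins declare their version in a "Version:" header comment.
VERSION_RE = re.compile(r"^[ \t/*#@]*Version:\s*(\S+)", re.I | re.M)


def read_version(directory):
    """Return the first 'Version:' header in a top-level PHP file, else None."""
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if name.lower().endswith(".php") and os.path.isfile(path):
            with open(path, encoding="utf-8", errors="replace") as fh:
                match = VERSION_RE.search(fh.read(8192))
            if match:
                return match.group(1)
    return None


def find_revslider(wp_content):
    """Report every directory under wp-content whose name contains 'revslider'."""
    findings = []
    for root, dirs, _files in os.walk(wp_content):
        for d in list(dirs):
            if "revslider" not in d.lower():  # assumption: copies keep this name
                continue
            full = os.path.join(root, d)
            rel = os.path.relpath(full, wp_content).replace(os.sep, "/")
            top = rel.split("/")[0]
            kind = {"themes": "bundled in theme", "plugins": "plugin"}.get(top, "other")
            findings.append((rel, kind, read_version(full)))
            dirs.remove(d)  # already reported; do not descend further
    return sorted(findings)


def demo():
    """Scan a constructed wp-content tree (theme names and versions are made up)."""
    header = "<?php\n/*\n * Plugin Name: Revolution Slider\n * Version: %s\n */\n"
    with tempfile.TemporaryDirectory() as tmp:
        for rel, ver in [("plugins/revslider", "0.0.2"),
                         ("themes/example-theme/inc/revslider", "0.0.1")]:
            os.makedirs(os.path.join(tmp, rel))
            with open(os.path.join(tmp, rel, "revslider.php"), "w") as fh:
                fh.write(header % ver)
        os.makedirs(os.path.join(tmp, "themes", "plain-theme"))
        return find_revslider(tmp)
```

On a real site, call `find_revslider()` with the path to `wp-content` and compare each reported version against the release ThemePunch names as fixed.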

About Egon Kilin

I’m Load The Game’s co-founder and community manager, and whenever I’m not answering questions on social media platforms, I spend my time digging up the latest news and rumors and writing them up. That’s not to say I’m all work and no fun, not at all. If my spare time allows it, I like to engage in some good old fashioned online carnage. If it’s an MMO with swords and lots of PvP, I’m most likely in it. Oh, and if you’re looking to pick a fight in Tekken or Mortal Kombat, I’ll be more than happy to assist! Connect with me by email markjudge (@) loadthegame.com only