Google has blacklisted over 10,000 websites due to SoakSoak malware however IT consultants believe that the figure will continue to grow.
There are over 100,000 sites hosted on WordPress platform that may be vulnerable to SoakSoak. IT security have noticed that hackers are targeting WordPress users running Internet Explorer on Windows.
The SoakSoak campaign was pulling malware from a Russian domain which is currently offline however it seems that that the malware may have caught quickly by IT security experts.
How does SoakSoak Malware Work?
IT consultants have acknowledged that older versions of WordPress websites that use older versions of a popular slideshow plugin, “Slider Revolution or RevSlider version 4.1.4 and older” are vulnerable to SoakSoak malware.
How do your protect yourself from SoakSoak Malware?
Recently, there was a vulnerability in version 4.1.4 of a slider plugin from ThemePunch. The vulnerability allowed hackers to download any file including database credentials from the affected website’s server. ThemePunch fixed the issue in 4.2 however users who had the slider installed as a bundled theme never received the update. RevSlider’s does have an automatic update mechanism however it is usually disabled and left to the webmaster or IT support services to update.
What make SoakSoak Malware dangerous?
There are more than 70 million websites that run on WordPress and RevSlider. RevSlider is one of the most popular plugins so it’s difficult to know exactly how many and what kind of sites may have been hit by the SoakSoak Malware.