Google Blacklists Websites with SoakSoak Malware

Google has blacklisted over 10,000 websites due to SoakSoak malware however IT consultants believe that the figure will continue to grow.

There are over 100,000 sites hosted on WordPress platform that may be vulnerable to SoakSoak.  IT security have noticed that hackers are targeting WordPress users running Internet Explorer on Windows.

The SoakSoak campaign was pulling malware from a Russian domain which is currently offline however it seems that that the malware may have caught quickly by IT security experts.

 

How does SoakSoak Malware Work?

In WordPress websites, the SoakSoak malware is modifying “wp-includes/template-loader.php” file that makes it a JavaScript file “wp-includes/js/swobject.js” which can be loaded onto every page in the website. After the file has been decoded, SoakSoak malware is loaded from the compromised Russian domain.

IT consultants have acknowledged that older versions of WordPress websites that use older versions of a popular slideshow plugin, “Slider Revolution or RevSlider version 4.1.4 and older” are vulnerable to SoakSoak malware.

 

How do your protect yourself from SoakSoak Malware?

Recently, there was a vulnerability in version 4.1.4 of a slider plugin from ThemePunch.  The vulnerability allowed hackers to download any file including database credentials from the affected website’s server. ThemePunch fixed the issue in 4.2 however users who had the slider installed as a bundled theme never received the update.  RevSlider’s does have an automatic update mechanism however it is usually disabled and left to the webmaster or IT support services to update.

 

What make SoakSoak Malware dangerous?

There are more than 70 million websites that run on WordPress and RevSlider.  RevSlider is one of the most popular plugins so it’s difficult to know exactly how many and what kind of sites may have been hit by the SoakSoak Malware.

 

365 iT SOLUTIONS is a leading IT consulting firm in Toronto providing industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Take advantage of our Complimentary Network and Security Assessment by 365itSolutions.com

Leave a Reply

Ready to get started? Call us now Click Here