If you're a fan of adding fancy plugins to your WordPress installation to spice up your website, you might want to hold back a bit. A new malware campaign from SoakSoak.ru has exploited certain vulnerabilities in a well known slider plugin to infect various domains. As a result, Google has blacklisted thousands of these malware-infected websites, many among them WordPress installations.
According to a report, a total of over 100,000 sites have been effected by this new malware, 11,000 of which are WordPress sites.
How it works?
By using a vulnerability found in the WordPress plugin RevSlider, SoakSoak modifies a file in a site’s WordPress installation and loads Javascript malware.
RevSlider is often used in WordPress themes, so many site owners may not even know they’re using the plugin, let alone that they need to update it to prevent a malware attack. Moreover, it’s not a plugin that’s easily updated, as Daniel Cid from Sucuri security points out:
“The biggest issue is that the RevSlider plugin is a premium plugin, it’s not something everyone can easily upgrade and that in itself becomes a disaster for website owner. Some website owners don’t even know they have it as it’s been packaged and bundled into their themes”
Visitors of infected sites may be redirected to a webpage that will attempt to download malware onto their computers. Google’s decision to block infected sites shortly after the vulnerability became known will hopefully prevent the malware from spreading any further.
Getting back on track
If you believe your WordPress site has been infected by the SoakSoak malware, there immediately disable/remove the plugin, and start working on the recovery process. The following links might help;
- Find and fix hacked content on your site
- What to do if your website gets hacked?
- Recovering sites effected with malware
If you’re in the clear, then let this be a reminder that it’s incredibly important to keep your WordPress plugins updated in order to be fully protected against security vulnerabilities. Updating your plugins is just as important as keeping your WordPress installation updated to the most current version.