Technology content trusted in North America and globally since 1999
8,397 Reviews & Articles | 64,163 News Posts

Google blacklists 11,000 WordPress sites hit by SoakSoak malware

Google has temporarily blacklisted more than 11,000 websites that have been victimized by the SoakSoak malware
By Michael Hatamoto from Dec 16, 2014 @ 12:28 CST

Google has blacklisted 11,000 domains because of a new malware campaign targeting compromised WordPress websites. It's possible that the SoakSoak campaign has hit more than 100,000 WordPress-powered websites, the Sucuri Web security company noted.




"The biggest issue is that the RevSlider plugin is a premium plugin, it's not something everyone can easily upgrade, and that in itself becomes a disaster for website owners," Sucuri noted in a blog post. "Some website owners don't even know they have it, as it's been packaged and bundled into their themes. We're currently remediating thousands of sites, and when engaging with our clients, many had no idea the plugin was even within their environment."


Sucuri has a free site scanner that will be able to determine if your WordPress website is compromised. If compromised, site operators must locate code added to wp-includes/template-loader.php and purge suspicious looking code.


Related Tags