WordPress Malware Attack

SoakSoak.RU Malwate

SoakSoak.RU MalwateThe Russians are coming, the Russians are coming! If you’re running a blog or website using WordPress, they may already be at your door, or even in your website. Security researchers at Sucuri have discovered the SoakSoak.ru malware affecting 100K+ sites and counting since Sunday. Many of these sites are already blacklisted across Google and other organizations that blacklist and block sites. Effectively this attack is a JavaScript injection attack. Your wp-includes/template-loader.php file gets injected with code that allows redirection to the SoakSoak.ru domain and also allows for more malware to be downloaded to your PC. If you want to check your site to see if it’s infected with this, or any other malware, you can use the Securi Site Checker. There is also some concern this issue may come from Slider Revolution vulnerability reported before, so you’ll want to be educated on that topic too. The bottom line is, if you’re putting out a blog or website, you can’t just typed and press “post”. If you don’t keep up on the backend systems, you’ll soon find your site blacklisted by all the major security and search sites, and you might as well stop posting. No one will be coming to your site.

Skip to toolbar