Security firm Sucuri reports
that Google has blacklisted over 11,000 malware-infected WordPress
domains, and over 100,000 sites in total have been affected by a new
malware campaign from SoakSoak.ru.
By exploiting a vulnerability in the WordPress plugin RevSlider, SoakSoak modifies a file in a site’s WordPress installation and loads JavaScript malware.
RevSlider is
often used in WordPress themes, so many site owners may not even know
they’re using the plugin, let alone that they need to update it to
prevent a malware attack. Moreover, it’s not a plugin that’s easily
updated, as Sucuri’s Daniel Cid points out:
“The biggest issue is that the RevSlider plugin is a premium plugin, it’s not something everyone can easily upgrade and that in itself becomes a disaster for website owner. Some website owners don’t even know they have it as it’s been packaged and bundled into their themes”
Visitors
of infected sites may be redirected to a webpage that will attempt to
download malware onto their computers. Google’s decision to block
infected sites shortly after the vulnerability became known will
hopefully prevent the malware from spreading any further.
If you believe your WordPress site has been infected by the SoakSoak malware, there is a list of resources in this WordPress Support thread that can help you correct the problem.
If
you’re in the clear, then let this be a reminder that it’s incredibly
important to keep your WordPress plugins updated in order to be fully
protected against security vulnerabilities. Updating your plugins is
just as important as keeping your WordPress installation updated to the
most current version.
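Because RevSlider is often bundled inside themes, a site owner can check an installation for copies they did not know about. The following is an added example, not code from Sucuri or WordPress: it walks a WordPress directory, lists every RevSlider folder and whether it sits inside a theme, and flags files that name the campaign domain. It assumes bundled copies keep the folder name `revslider` and that an injected loader mentions the domain in clear text; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path
# Assumption: bundled copies keep the plugin's usual folder name.
PLUGIN_DIR = "revslider"
# Campaign domain named in the article; an encoded loader would not match.
MARKER = b"soaksoak.ru"
SCAN_EXT = {".php", ".js", ".html", ".htm"}

def scan_wordpress(root):
    """Return (plugin_copies, marker_hits), both sorted, paths relative to root."""
    root = Path(root)
    copies, hits = [], []
    for dirpath, dirnames, filenames in os.walk(root):
        here = Path(dirpath)
        for d in dirnames:
            if d.lower() == PLUGIN_DIR:
                rel = (here / d).relative_to(root)
                kind = "theme-bundled" if "themes" in rel.parts else "standalone"
                copies.append((rel.as_posix(), kind))
        for name in filenames:
            path = here / name
            if path.suffix.lower() not in SCAN_EXT:
                continue
            try:
                data = path.read_bytes().lower()
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if MARKER in data:
                hits.append(path.relative_to(root).as_posix())
    return sorted(copies), sorted(hits)

def build_sample_tree(root):
    """Create a small constructed install so the scan can be run offline."""
    files = {
        "wp-content/plugins/revslider/revslider.php": "<?php // standalone copy\n",
        "wp-content/themes/sample-theme/plugins/revslider/revslider.php": "<?php // bundled copy\n",
        "wp-content/themes/sample-theme/functions.php": "<?php // clean file\n",
        "wp-includes/sample-loader.php": "<?php // constructed: mentions SoakSoak.ru\n",
    }
    for rel, text in files.items():
        p = Path(root) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(scan_wordpress(tmp))
```

To check a real site, call `scan_wordpress` with the path to the WordPress root; an empty second list only means no scanned file names the domain in clear text.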