If you are a WordPress website owner you might want to pay attention to this article.
More than 100,000 WordPress websites using the RevSlider plugin have been infected with malware according to FoxNews.com.
Attackers exploited a vulnerability in the very popular WordPress plugin that made it possible for them to infect the websites with malware.
This malware campaign has been dubbed SoakSoak because the infected websites redirects users of the website to the Russian website soaksoak.ru.
Google is attempting to stop the infection of the websites. This means that Google has blacklisted over 11,000 affected WordPress domains, according to Menifee, California-based security company Sucuri.
This SoakSoak campaign works in a way where it´s scanning the WordPress websites looking for the outdated version of RevSlider. Many site owners are using outdated versions because they don´t want to pay for updates.
Getting rid of the malware is possible, but updating the plugin first is necessary. Also administrators first have to replace their sites’ swfobject.js and template-loader.php files to versions without the malicious code.