Malware attack on 100,000 WordPress websites

If you are a WordPress website owner you might be interested in reading this because you could be one of the users having an infected website.

Many WordPress websites are using the RevSlider Plugin which comes with several themes as a bundle. Some users may not even know if they are using it or not. The problem seems to occur when the plugin isn´t updated. Most times this happens because the users don´t want to pay for the update or because they don´t know about the plugin being installed on their domain.

According to more than 100,000 WordPress websites has been infected after the attackers found this vulnerability in the RevSlider Plugin. The search engine giant Google has blacklisted over 11,000 affected WordPress domains, according to Menifee, California-based security company Sucuri.

This malware campaign has been dubbed SoakSoak because it redirects users of the websites to This happens because the attackers have been putting some malware code into the WordPress website.

It is possible to clean up an attacked WordPress website, but it can take some time and you sure need some knowledge as well. When the cleanup has been done it is very important to upgrade the RevSlider Plugin or get rid of it to prevent a new attack.