A Russian malware called SoakSoak has infected over 100,000 WordPress sites since this Sunday, turning blogs into attack platforms. It’s a potential shitshow, and it could’ve been prevented earlier this fall.
Google has already blocked 11,000 domains to try to curb the damage. According to security firm Sucuri, the malware uses a vulnerability in a slideshow plug-in called Slider Revolution. The Slider Revolution team have fixed it with updates. The problem is that the old,vulnerable version of the plug-in is still bundled with WordPress themes, so lots of sites are still using the wrong version.
Researchers at Sucuri are warning that it’ll be hard to completely eradicate the malware as long as so many site owners don’t know it’s there. In addition to removing the malicious code, they will need to update the premium plug-in. If the plug-in came as part of a theme, it won’t update automatically. That means site admins will have to manually update if the theme package isn’t updated.
Gaming site Dulfy was one of first infected domains to fix the problem by removing code and going behind a firewall, but it may persist on blogs with less diligent administrators indefinitely. And Dulfy’s admin isn’t sure…
Get a Stunning Home page design for your business – See more at: http://www.computerdoctorswebsitedesign.com/pricing.html
#BlackFriday #SmallBusinessSaturday #CyberMonday Deal on Website Design, Web Development, SEO, Internet Marketing. 11/28 to 12/1 50% off any Web Development Contract. Contact Computer Doctors @ (201) 290-4254 to sign up. Stay away from the long lines and still reap a ton of savings. Bring your business to the forefront in 2015. Blow the competition away and save money for your Holiday Shopping…Payment must be made via PayPal, Credit Card or in person by 5pm 12/1 in order to take advantage of this amazing deal!!!!