SoakSoak Malware affects 100,000+ WordPress sites

Sucuri recently reported that hundreds of thousands of WordPress sites have been infected with a new strain of malware, which injects malicious JavaScript into every page of affected sites.

According to their analysis, the “SoakSoak” malware uses a known vulnerability in old versions of the Slider Revolution plugin to infect sites.

In September, we reported the Slider Revolution vulnerability and released a hotfix, which prevents attackers from taking advantage of the vulnerability on all sites running VaultPress 1.6.5 or later.

Today, we’ve released an update for our security scanner to detect any cases of the SoakSoak malware.

We are scanning all VaultPress-protected sites for this malware, regardless of plan level. We will contact site owners who are affected and will work directly with them to repair their sites.

Fixing a compromised site

We will contact you, if we determine that your site has been compromised. The easiest way to fix this vulnerability is for you to re-install your core WordPress files. You can do so in just a few steps:

1. Visit your WordPress dashboard.
2. Navigate to Dashboard → Updates
3. Click the Re-Install Now button and follow the prompts on screen.

To be extra safe, you should also ensure that you’re running the latest versions of the VaultPress and Slider Revolution plugins.

As always, if you have any questions or need further help, feel free to contact us!


This entry was posted in General, Security. Bookmark the permalink.