More Than 100,000 WordPress Sites Under Attack
WordPress sites are under attack these days, thanks to a Russian malware called SoakSoak which has infected over 100,000 sites, turning blogs into attack platforms.
Google has been working hard against this attack, and has already blocked 11,000 domains to minimize the impact of damage. According to the security firm Sucuri, the malware uses a vulnerability in a slideshow plug-in called Slider Revolution. However, the Slider Revolution team have fixed it with updates.
But the basic problem is that the previous, infected version of the plug-in is still incorporated with WordPress themes, so many sites are still using the vulnerable version of the plug-in.
That is why Sucuri is claiming that the company can not promise to completely remove the malware since many site owners don’t even know that their site is infected.
Apart from removing the malicious code, they will also require updating the premium plug-in. One thing the site admins should take into consideration is that if the plug-in was part of the theme, it won’t automatically update. The administrators will have to manually update it.
Dulfy, a gaming site which also fell victim to the malware, was one of the first infected domains to recover, by removing the code and going behind a firewall. Still, Dulfy’s admin is doubtful whether the fix is permanent or not.
“The firewall will be a temporary measure until we can figure out what is doing it,” site owner Kristina Hunter told.
WordPress is used by over 70 million sites as a content management system, varying in usage from personal blogs to Time.com. For all you people out there with personal blogs, you need not worry because this malware attack only affects self-hosted sites that use WordPress.
But of course, if you visit sites with the malware, you’re not okay. WordPress sites are so commonly used that Google has only been able to detect only a small percentage of the infected sites. The intention of the malware distributors is still vague – whether they are trying to steal data or anything else.
For all the sites that have doubts about their vulnerabilities, you should learn this lesson from Slide Revolution: they knew about their weak spot in advance, that is why they fixed it rapidly. But the way the plug-in was bundled, has made automatic updating difficult. So simply ignoring vulnerabilities should not be tolerated.
Point to note: this is a problem with a third-party WordPress plug-in, not WordPress.