Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


SoakSoak Malware Targets WordPress Sites

A New Version of the Citadel Malware Targeting Password ManagersThe SoakSoak malware is now employing new tactics and has recently infected a new batch of websites. The attackers have also changed the Javascript code they inject in the targeted web pages.

Thousands of websites infected with SoakSoak were blacklisted by Google last week. The malware targets WordPress pages, in which the cyber crooks inject the malicious Javascript files.
The initial target of the hackers was wp-includes/template-loader.php. As soon as the file was modified, the malicious Javascript can appear on the whole body of the infected website. That code will the initiate malware download from a remote domain.

Download a FREE System Scanner, to See If Your System Has Been Affected By malware.

SoakSoak’s New Target

The authors behind the SoakSoak campaign have a new target – a “wp-includes/js/json2.min.js“ file that is modified to load a corrupted Flash file. Researchers with Sucuri explain that “The hidden iFrame URL in swfobjct.swf now depends on another script from hxxp://ads .akeemdom . com/db26, also loaded by malware in json2.min.js.”

Older versions of the popular RevSlider plugin are targeted in the SoakSoak campaign, mostly the ones prior to 4.2. Several months ago, researchers disclosed the vulnerability in the plugin.

Daniel Cid of Sucuri says that the biggest issue here is that this is a premium plugin, which cannot be easily upgraded by everyone. Some of the affected websites’ owners do not even realize they have RevSlider packaged into their themes.

The developers of the plugin have patched it silently, but websites that have not been updated are still vulnerable to attacks of this sort.

donload_now_250

Spy Hunter FREE scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool. Find Out More About SpyHunter Anti-Malware Tool

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming for a more secure cyber space.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.