Home > Cyber News > SoakSoak Malware Targets WordPress Sites

SoakSoak Malware Targets WordPress Sites

A New Version of the Citadel Malware Targeting Password ManagersThe SoakSoak malware is now employing new tactics and has recently infected a new batch of websites. The attackers have also changed the Javascript code they inject in the targeted web pages.

Thousands of websites infected with SoakSoak were blacklisted by Google last week. The malware targets WordPress pages, in which the cyber crooks inject the malicious Javascript files.
The initial target of the hackers was wp-includes/template-loader.php. As soon as the file was modified, the malicious Javascript can appear on the whole body of the infected website. That code will the initiate malware download from a remote domain.

Download a FREE System Scanner, to See If Your System Has Been Affected By malware.

SoakSoak’s New Target

The authors behind the SoakSoak campaign have a new target – a “wp-includes/js/json2.min.js“ file that is modified to load a corrupted Flash file. Researchers with Sucuri explain that “The hidden iFrame URL in swfobjct.swf now depends on another script from hxxp://ads .akeemdom . com/db26, also loaded by malware in json2.min.js.”

Older versions of the popular RevSlider plugin are targeted in the SoakSoak campaign, mostly the ones prior to 4.2. Several months ago, researchers disclosed the vulnerability in the plugin.

Daniel Cid of Sucuri says that the biggest issue here is that this is a premium plugin, which cannot be easily upgraded by everyone. Some of the affected websites’ owners do not even realize they have RevSlider packaged into their themes.

The developers of the plugin have patched it silently, but websites that have not been updated are still vulnerable to attacks of this sort.


Spy Hunter FREE scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool. Find Out More About SpyHunter Anti-Malware Tool


Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share