SoakSoak Malware Targets WordPress Sites - How to, Technology and PC Security Forum | SensorsTechForum.com
NEWS

SoakSoak Malware Targets WordPress Sites

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by malware and other threats.
Threats such as malware may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

A New Version of the Citadel Malware Targeting Password ManagersThe SoakSoak malware is now employing new tactics and has recently infected a new batch of websites. The attackers have also changed the Javascript code they inject in the targeted web pages.

Thousands of websites infected with SoakSoak were blacklisted by Google last week. The malware targets WordPress pages, in which the cyber crooks inject the malicious Javascript files.
The initial target of the hackers was wp-includes/template-loader.php. As soon as the file was modified, the malicious Javascript can appear on the whole body of the infected website. That code will the initiate malware download from a remote domain.

Download a FREE System Scanner, to See If Your System Has Been Affected By malware.

SoakSoak’s New Target

The authors behind the SoakSoak campaign have a new target – a “wp-includes/js/json2.min.js“ file that is modified to load a corrupted Flash file. Researchers with Sucuri explain that “The hidden iFrame URL in swfobjct.swf now depends on another script from hxxp://ads .akeemdom . com/db26, also loaded by malware in json2.min.js.”

Older versions of the popular RevSlider plugin are targeted in the SoakSoak campaign, mostly the ones prior to 4.2. Several months ago, researchers disclosed the vulnerability in the plugin.

Daniel Cid of Sucuri says that the biggest issue here is that this is a premium plugin, which cannot be easily upgraded by everyone. Some of the affected websites’ owners do not even realize they have RevSlider packaged into their themes.

The developers of the plugin have patched it silently, but websites that have not been updated are still vulnerable to attacks of this sort.

donload_now_250

Spy Hunter FREE scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool. Find Out More About SpyHunter Anti-Malware Tool

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...