SoakSoak malware

SoakSoak is a strain of malware that leverages security vulnerabilities in a WordPress plug-in. These vulnerabilities are found in the RevSlider third-party plug-in, which is included in several popular themes for the open source blogging and content management system (CMS).

SoakSoak can utilize these vulnerabilities on unpatched or out-of-date WordPress systems to connect with the SoakSoak.ru domain and load JavaScript malware onto the infected Website. This malware includes a backdoor Trojan that enables control of the compromised WordPress site.

SoakSoak Large-Scale Attack in 2014

SoakSoak was launched as a large-scale attack on December 14^th, 2014. Despite updated versions of the RevSlider plug-in being available since September of 2014, more than 100,000 WordPress sites were infected by the initial strain of SoakSoak.

Because the RevSlider plug-in isn't directly installed by users but is instead included as part of downloadable themes for WordPress, many WordPress sites were infected without the knowledge of the webmaster of the site.

IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD

Which topic are you interested in?

Mobile

Security

Networks/IoT

Cloud

Data Storage

Applications

Development

IT Management

Other

What is your company size?

                Select company size 1-9 10-24 25-49 50-99 100-249 250-499 500-999 1000+

What is your job title?

                   Select job title C-Level/President Manager VP Staff (Associate/Analyst/etc.) Director

What is your job function?

                   Select job function IT - General IT - Project Management IT - Systems/Network Administration IT - Developer IT - Tester/QA Accounting/Finance/Legal Academic/Research Administrative General Management Human Resources Marketing Operations Sales Consultant Other

Searching our resource database to find your matches...