HomeSecurity

Soaksoak Malware

Forrest Stroud
Forrest Stroud
Updated on:

SoakSoak is a strain of malware that leverages security vulnerabilities in a WordPress plug-in. These vulnerabilities are found in the RevSlider third-party plug-in, which is included in several popular themes for the open source blogging and content management system (CMS).

SoakSoak can utilize these vulnerabilities on unpatched or out-of-date WordPress systems to connect with the SoakSoak.ru domain and load JavaScript malware onto the infected Website. This malware includes a backdoor Trojan that enables control of the compromised WordPress site.

SoakSoak Large-Scale Attack in 2014

SoakSoak was launched as a large-scale attack on December 14th, 2014. Despite updated versions of the RevSlider plug-in being available since September of 2014, more than 100,000 WordPress sites were infected by the initial strain of SoakSoak.

Because the RevSlider plug-in isn’t directly installed by users but is instead included as part of downloadable themes for WordPress, many WordPress sites were infected without the knowledge of the webmaster of the site.

Forrest Stroud
Forrest Stroud
Forrest is a writer for Webopedia. Experienced, entrepreneurial, and well-rounded, he has 15+ years covering technology, business software, website design, programming, and more.

Related Articles

@ Sign

Networking Webopedia Staff - 0
Pronounced at sign or simply as at, this symbol is used in e-mail addressing to separate the user' name from the user's domain name,...

Munging

Productivity Vangie Beal - 0
(MUHN-jing) Munging (address munging), is the act of altering an email address posted on a Web page to make it unreadable to bots and...

How to Create an RSS Feed

Development Vangie Beal - 0
In the second installment of RSS how-to, we look at some of the nonrequired (optional) channel and item tags, discuss RSS specifications in-depth and...

Dictionary Attack

Productivity Vangie Beal - 0
(n.) (1) A method used to break security systems, specifically password-based security systems, in which the attacker systematically tests all possible passwords beginning with...

Related Articles

Definitions

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...
Read more
Development

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...
Read more
Definitions

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...
Read more

Webopedia is an online information technology and computer science resource for IT professionals, students, and educators. Webopedia focuses on connecting researchers with IT resources that are most helpful for them. Webopedia resources cover technology definitions, educational guides, and software reviews that are accessible to all researchers regardless of technical background.

Advertisers

Advertise with Webopedia and our other IT-focused platforms.

Advertise with Us

Menu

Property of Find.co
© 2023 Webopedia. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which Webopedia receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. Webopedia does not include all companies or all types of products available in the marketplace.