WordPress Sites Blocked by Google After Malware Attack

Tom's Guide / Jill Scharr

Updated December 17, 2014 at 8:31 AM

WordPress Sites Blocked by Google After Malware Attack

More than 100,000 WordPress websites have been infected with malware after attackers exploited a vulnerability in a popular WordPress plugin called RevSlider. The attack turns the infected WordPress sites into unwilling distributors of yet more malware, this time aimed at visitors to the sites.

The malware campaign has been dubbed SoakSoak because it causes some infected websites to redirect visitors to a malicious website at soaksoak.ru. In an attempt to curb the infections, Google has blacklisted over 11,000 affected WordPress domains, according to Menifee, California-based security company Sucuri.

MORE: Best PC Antivirus Software 2014

This SoakSoak campaign works by scanning WordPress websites, looking for those using outdated versions of the RevSlider plugin. Older editions of RevSlider have a known vulnerability that makes them vulnerable to a Local File Inclusion attack, in which an attacker remotely affects a file. The attackers alter the swfobject.js file found in WordPress sites by adding malicious code that causes site visitors to be redirected to the soaksoak.ru site.

RevSlider is a premium WordPress plugin that is occasionally bundled in with other WordPress themes; some site and blog operators might not even know they have it, while others might not want to pay more money to update it. Both factors are reasons SoakSoak has spread so quickly and infected so many WordPress sites.

Sucuri has a free tool that site administrators can use to check their sites for SoakSoak and other malware.

Cleaning up an infected WordPress site is possible, but can be complicated. Administrators first have to replace their sites' swfobject.js and template-loader.php files to versions without the malicious code. To protect themselves from being reinfected, users should also pay to update, or otherwise get rid of, RevSlider, then set up a website firewall.

"Some users are clearing infections and getting reinfected within minutes, and the reason is because of the complex nature of the payloads and improper cleaning efforts," the Securi blog post warns.

Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games. You can follow Jill on Twitter @JillScharr and on Google+. Follow us @tomsguide, onFacebook and on Google+.

Yahoo Sports
Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'
Murray made a bad night on the court worse during a moment of frustration on the bench.
Yahoo Sports
Former NBA guard Darius Morris dies at 33
Former NBA guard Darius Morris has died at the age of 33. He played for five teams during his four NBA seasons. Morris played college basketball at Michigan.
Yahoo Finance
The FDIC change that leaves wealthy bank depositors with less protection
Affluent Americans may want to double-check how much of their bank deposits are protected by government-backed insurance. The rules governing trust accounts just changed.
Yahoo Sports
Phil Mickelson on the majors: 'What if none of the LIV players played?'
Phil Mickelson hints that big changes could be coming to LIV Golf's rosters, and the majors will need to pay attention.
Yahoo Sports
Heat's Pat Riley unhappy with Jimmy Butler's remarks on Celtics and Knicks, implies he needs to play more
Miami Heat president Pat Riley rebuked comments Jimmy Butler made about the Boston Celtics and New York Knicks, while also implying that his star needs to play more.
Yahoo Sports
Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap
Jake Mintz & Jordan Shusterman discuss the Padres-Marlins trade that sent Luis Arraez to San Diego, as well as recap all the action from this weekend in baseball and send birthday wishes to hall-of-famer Willie Mays.
Yahoo Sports
NBA playoffs: Officials admit they flubbed critical kick-ball call in controversial final minute of Pacers-Knicks
Tuesday's last-2-minute report should be interesting.
Yahoo Finance
Social Security just passed Medicare as the government's most pressing insolvency risk
An annual government report offered a glimmer of good news for Social Security and a jolt of good news for Medicare even as both programs continue to be on pace to run dry next decade.
Yahoo Sports
No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it
The quality was choppy, but it was better than what the WNBA had.
Yahoo Finance
The biggest risk to investing in 'Magnificent 7' stocks like Nvidia and Amazon, according to top CEOs
It's good practice for investors to think beyond the "Magnificent Seven" stocks, the CEOs of Apollo and Avenue Capital Group said.
Yahoo Sports
The Scorecard: Andy Pages looks set to go down as one of the best fantasy baseball waiver wire pickups of 2024
Fantasy baseball analyst Dalton Del Don delivers his latest batch of hot takes as we enter Week 6 of the season.
Yahoo Sports
NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?
Which teams did the best in the NFL Draft?
Yahoo Sports
Sky rookie, No. 3 WNBA pick Kamilla Cardoso out at least 4-6 weeks with shoulder injury
Cardoso led South Carolina to a national championship, then became the third pick in last month's WNBA Draft by Chicago.
Yahoo Sports
Anthony Edwards' arrival should have the Nuggets — and the entire league — on high alert
The Timberwolves' rising superstar led Minnesota to a Game 1 victory over Denver, then reminded the world that he's 22, not 23 ... yet.
Yahoo Sports
Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race
Race organizers say they'll revoke a Trump fundraiser's suite license if he holds an event for the former president on Sunday at the race.
Yahoo Sports
NFL Draft grades for all 32 teams | Zero Blitz
Jason Fitz and Frank Schwab join forces to recap the draft in the best way they know how: letter grades! Fitz and Frank discuss all 32 teams division by division as they give a snapshot of how fans should be feeling heading into the 2024 season. The duo have key debates on the Dallas Cowboys, New York Giants, New Orleans Saints, Los Angeles Rams, New England Patriots, Las Vegas Raiders and more.
Yahoo Sports
2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick
Yahoo Sports' Charles McDonald breaks down the Broncos' 2024 draft.
Yahoo Sports
Victor Wembanyama wins NBA Rookie of the Year via unanimous vote after delivering on unprecedented hype
Victor Wembanyama did everything for the Spurs as a rookie.
Autoblog
Edmunds bought a Fisker Ocean, warns others not to make the same mistake
Edmunds bought a Fisker Ocean and details the highs and lows of ownership while warning others not to make the same mistake.
Yahoo Sports
NFL Draft fashion: Caleb Williams, Malik Nabers dressed to impress, but Marvin Harrison Jr.'s medallion stole the show
Every player was dressed to impress at the 2024 NFL Draft.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Stormy Daniels testifies at Trump's hush money trial

WordPress Sites Blocked by Google After Malware Attack

Recommended Stories

Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'

Former NBA guard Darius Morris dies at 33

The FDIC change that leaves wealthy bank depositors with less protection

Phil Mickelson on the majors: 'What if none of the LIV players played?'

Heat's Pat Riley unhappy with Jimmy Butler's remarks on Celtics and Knicks, implies he needs to play more

Blockbuster May trade by Padres, MVP Ohtani has arrived, Willie Mays’ 93rd birthday & weekend recap

NBA playoffs: Officials admit they flubbed critical kick-ball call in controversial final minute of Pacers-Knicks

Social Security just passed Medicare as the government's most pressing insolvency risk

No one was airing Angel Reese and Kamilla Cardoso's WNBA preseason debuts, so an X user livestreamed it

The biggest risk to investing in 'Magnificent 7' stocks like Nvidia and Amazon, according to top CEOs

The Scorecard: Andy Pages looks set to go down as one of the best fantasy baseball waiver wire pickups of 2024

NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?

Sky rookie, No. 3 WNBA pick Kamilla Cardoso out at least 4-6 weeks with shoulder injury

Anthony Edwards' arrival should have the Nuggets — and the entire league — on high alert

Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race

NFL Draft grades for all 32 teams | Zero Blitz

2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick

Victor Wembanyama wins NBA Rookie of the Year via unanimous vote after delivering on unprecedented hype

Edmunds bought a Fisker Ocean, warns others not to make the same mistake

NFL Draft fashion: Caleb Williams, Malik Nabers dressed to impress, but Marvin Harrison Jr.'s medallion stole the show