Google Blocks Thousands Of WordPress Sites Following Malware Attack
Security firm Sucuri reports that Google has blacklisted over 11,000 malware-infected WordPress domains, and over 100,000 sites in total have been affected by a new malware campaign from SoakSoak.ru. By using a vulnerability found in the WordPress plugin RevSlider, SoakSoak modifies a file in a site’s WordPress installation and loads Javascript malware. RevSlider is often used in WordPress themes, so many site owners may not even know they’re using the plugin, let alone that they need to update it to prevent a malware attack. Moreover, it’s not a plugin that’s easily updated, as Sucuri’s Daniel Cid points out: “The biggest issue is that the RevSlider plugin is a premium plugin, it’s not something everyone can easily upgrade and that in itself becomes a disaster for website owner. Some website owners…