More than 100,000 pages using Wordpress are infected with malware

Malware (malicious software, virus software) called SoakSoak is said to be made by Russian haker - infected on more than 100 thousand Wordpress sites through a 3rd party plugin, the infection took place from Last Sunday.

The infected blog will be controlled by hackers, it can become an attack tool to other sites or create other infections on the user's computer, ie if you accidentally read an infected page, it is possible You will also be in danger.

Google has locked more than 11,000 domains thought to be infected in an attempt to control the damage, but you can also see that this number is only a small part of the infected pages. Security vendor Sucuri said the malware worked because of a security error of the slide show plugin for Wordpress, called Slider Revolution. Slider Revolution development team knew about this vulnerability since September 2014 but it seems they haven't patched it in time.

Completely removing this malware requires a lot of effort from all sides, plus many website owners who don't know they're using Slider Revolution also make it harder to remove. The owners of websites using Wordpress themes that come with slide show codes need to update the plugin manually if the automatic update fails.

There are now more than 70 million websites using the Wordpress platform, from simple sites like personal blogs to big news outlets like Time.com. This malware currently only attacks self-hosted websites using Wordpress that use this premium plugin, if you only use blogs on Wordpress.com then it is likely that you are not.