SoakSoak
SoakSoak is a strain of malware that leverages security vulnerabilities in a WordPress plug-in. These vulnerabilities are found in the RevSlider third-party plug-in, which is included in several popular themes for the open source blogging and content management system (CMS).
SoakSoak can utilize these vulnerabilities on unpatched or out-of-date WordPress systems to connect with the SoakSoak.ru domain and load JavaScript malware onto the infected Website. This malware includes a backdoor Trojan that enables control of the compromised WordPress site.
SoakSoak Large-Scale Attack in 2014
SoakSoak was launched as a large-scale attack on December 14th, 2014. Despite updated versions of the RevSlider plug-in being available since September of 2014, more than 100,000 WordPress sites were infected by the initial strain of SoakSoak.
Because the RevSlider plug-in isn’t directly installed by users but is instead included as part of downloadable themes for WordPress, many WordPress sites were infected without the knowledge of the webmaster of the site.
Read Also:
- GigaPower (AT&T High Speed Internet)
An AT&T initiative that is expected to deliver ultra-fast fiber network, with broadband speeds up to 1 Gigabit per second, to 100 candidate cities and municipalities nationwide. The initial GigaPower high-speed Internet service, launched in Austin, Texas, was priced at $70 per month and offered speeds of up to 300Mbps. In 2013, AT&T said it […]
- goto fail (Apple SSL Vulnerability)
An Apple iOS and OS x Secure Socket Layer (SSL) software vulnerability that allows a malicious user or hacker to intercept and alter communications including email and login credentials. The vulnerability allows anyone with a certificate signed by a “trusted CA” to do a man-in-the-middle attack and intercept communication between the user’s Apple hardware and […]
- Saucy Salamander
Saucy Salamander is the Ubuntu codename for version 13.10 of the Ubuntu Linux-based operating system. Officially released in October 2013, Saucy Salamander follows the Raring Ringtail (v13.04) release and serves as a unifying update for the operating system by laying the groundwork for accelerating the optimization of Ubuntu for multiple form factors, particularly mobile use. […]
- OpenStack Havana
The successor to the Grizzly release of the OpenStack open source cloud computing platform (and the precursor to the 2014 OpenStack Icehouse release), OpenStack Havana debuted in October 2013 as the eighth release of OpenStack. Among OpenStack Havana’s most prominent feature additions are new orchestration and monitoring capabilities to go along with a variety of […]
- Operation Clandestine Fox (IE vulnerability)
Operation Clandestine Fox refers to a vulnerability in Internet Explorer (IE) that would allow owners of malicious websites to gain complete access to the site visitor’s computer if the visitor used IE version 6 and up. With access to the computer, hackers could engage in a number of malicious activities like install apps or even […]