SoakSoak Malware Compromises 100,000+ WordPress WebsitesThe malwareSecurity Net
The malware
Once your website has been infected by the malware, you may experience irregular website behavior including unexpected redirects to SoakSoak.ru web pages. You may also end up downloading malicious files onto your computer systems automatically without any knowledge. The attack vector for the malware is not yet known, as is the reason of this campaign. This campaign has resulted in a loss both revenue and reputation for the WordPress blog owners who are blacklisted by Google.
Security Net
The security team which has been investigating the campaign – Sucuri – says that this campaign does not appear to be specifically targeted towards WordPress, the victims seem to be blogs relying on its frame work. So the fact that most of its victims are WordPress websites, may just be a coincidence. If you run any website and are worried about the potential risk of the infection to your website, Sucuri has provided a free SiteCheck tool here scanner that will check your website for the malware. The exact method of intrusion has not been pointed out at this time, but numerous signals led to believe us all that many WordPress users could have fallen victim to this attack. However, if you have enabled a Firewall, CloudProxy or CDN service, you are protected from the SoakSoak malware campaign.