SoakSoak is having its source from Russia, a Malware code that has infected almost 100,000 websites powered by WordPress. According to the company dealing with cybersecurity -Sucuri- “Google has already blacklisted over 11,000 sites that are infected with the malware, in the hope of stopping it from spreading”.

Over 100,000 WordPress sites hit by Russian Malware SoakSoak


The worm exploits a vulnerability in the plug Slider namely  RevSlider. Russian cybercriminals have designed it to modify the file wp-includes / template-loader.php in such a way that each page was loaded script wp-includes / js / swobject.js, which in turn runs the malware from a Russian server.

SoakSoak is aimed at users of WordPress using Internet Explorer. Their ingredients “injected” into various components. Therefore, get rid of the pest is quite complicated. The only way is to update the plugin to the latest version. Sounds easy, but it is not.

““To make matters worse, this is a very popular plugin that has left 100,000-plus websites exposed and is often bundled with other themes – so website owners don’t even know that they’re exposed.” “ – said one of the representatives from the company Sucuri said that, some people even may not know the use of that plugin, as it can be integrated with the theme.

If you have a page in WordPress and want to verify that you are safe, you can use one of the free scanners(Here).