We all know that security and protecting your websites from uninvited guests is of paramount importance. It is also important to monitor the security of any third party plug-ins or content management systems as well. We were reminded of that fact by the security firm Sucuri’s announcement about a malware problem associated with a WordPress plug-in.
As a result of the security breach, Google has blacklisted more than 11,000 WordPress domains that have been found to be infected by the SoakSoak malware. The sites were taken down in an effort to help stop the spread of the malware even further.
The malware has been found in the WordPress RevSlider plug-in. This is a very popular plug-in that is part of many WordPress themes and many site owners may not even be aware they are using the plug-in and consequently are not keeping it up to date to protect against these kinds of attacks.
According to Sucuri, “If you believe you are infected you can use our Free SiteCheck scanner, signatures have all been updated to detect the latest redirection.”
This is a reminder to work with your SEO and other members of your security team to keep plug-ins and other third party products up to date and make sure you are running the most current versions. It is important to stay knowledgeable on recent trends and aware of potential threats to avoid them.