On Sunday, mysterious Russian virus named ‘SoakSoak’ infected more than 100,000 of WordPress sites, turning them into attack platforms. Google has already blacklisted 11k websites to avoid further damage. SoakSoak is almost considered to be an epidemic considering the damage it has done so far.
What is ‘SoakSoak virus’?
This damaging malware campaign has been brought by soaksoak.ru, hence being dubbed as the ‘SoakSoak malware’ epidemic. This virus is not directly targeted at WordPress but it appears that WordPress platform is affected the most. Let me explain to you what ‘SoakSoak virus’ is and how to prevent it from infecting your WordPress website.
Although the exact method of intrusion has not been identified but several factors indicate that SoakSoak virus seems to be using recent vulnerability in revolution slider to infect sites and it not only infects the sites where it gains entry but the sites which are on same server. Infected sites are witnessing strange behavior including redirects to SoakSoak.ru WebPages. This virus has the potential to download infected files on visitor’s computer without consent thus damaging it completely.
This is one of the important reminders for us to keep our plugins, themes and websites updated. You need to make sure that all the plugins are up to date, another important thing to keep in mind is to keep removing inactive plugins for your website.
Also, you need to have a good security plugin like iThemes security or Sucuri plugin to keep your website secure and keep it updated and check it frequently. For now you can head to sucuri’s free site scanner to check whether your website is clean or the virus has already made way into your website.
Apart from this there are few important factors to keep in mind such as
1.Install only those plugins that you essentially require, sometimes updates can clash with other plugins and create trouble.
2.Old plugins are a security threat, keep cleaning your website.
3.Always use the latest version of the WordPress, this may help you avoid a lot of potential risks.
4.If your site gets infected, immediately take it offline and delete the site and restore using a pre-hack backup.
If you don’t know how to do it, it is advisable to get a website builder to fix it or sucuri also has offers these services. If you are buying your theme from envato marketplace, codecanyon, themeforest then it is advisable to check the themes that use the plugin RevSlider.