SoakSoak Malware Compromises 100,000+ WordPress Websites

Posted by Ben Spector on 17-Dec-2014 15:24:32

We have been contacted over the last few days by several clients concerned by reports they've read in the press about a new Russian malware attack (SoakSoak) affecting WordPress websites. Please rest assured that if you have a website maintenance contract with SpecTronics, we have already taken steps to protect you from this attack.

According to The Independent, Google has already blacklisted over 11,000 sites that are infected with the malware, in the hope of stopping it from spreading. Security firm Securi have reported that the malware uses a vulnerability in a slideshow plug-in called Slider Revolution. The Slider Revolution team have fixed it with updates. The problem is that the old, vulnerable version of the plug-in is still bundled with WordPress themes, so lots of sites are still using the wrong version.

Over 70 million sites use WordPress as a content management system, from personal blogs to This malware attack only affects self-hosted sites that use WordPress, so if you have a personal blog on, you're okay.

Other things to consider include the use of a WAF (Web Application Firewall) such as CloudFlare or Securi to protect your website from similar attacks. If you have any concerns about your own website, whether or not it was developed by SpecTronics, please do get in touch so that we can arrange for our developers to apply the relevant updates and provide advice on website security.

Topics: News

Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Subscribe Here!

Recent Posts

Posts by Tag

See all