London, UK - 07 January 2015: A new online scanner has been developed by IT security experts Foregenix that enables WordPress owners to check their sites for infection following the announcement that more than 11,000 websites have been blacklisted by Google, after being compromised by “SoakSoak” malware.
SoakSoak modifies a file in infected sites’ WordPress installation, then loads a Javascript malware from the soaksoak.ru domain.
The malware is using a vulnerability in the RevSlider WordPress plugin which is often used within WordPress themes, meaning website owners may not know they are at risk as it could have been included without their knowledge.
The Foregenix scanner has already been run against one million websites globally, finding an average of two percent compromise rate - equating to a potential of 20,000 of infected sites.
Website owners are being urged to check their website at www.foregenix.com/wordpress where the scanner will firstly assess whether the infected Javascript is present, and secondly whether the site has been compromised. The Foregenix support team can then be on hand to assist you back to recovery.
Speaking about the infection, Foregenix Director, Benjamin said:
“It is likely that the impact of this malware could be far greater than has been predicted with hundreds and thousands of sites affected.
“We recently ran a similar scanner following a Magento breach, scanning thousands of websites and reporting nearly 5% infection rate. WordPress website owners should act now and visit www.foregenix.com/wordpress to make sure their site is safe.”
Wordpress website owners are urged to check their websites using the Foregenix scanner - or an alternative service - as this issue could have significant implications if a site is vulnerable or compromised already.