December 16, 2014
The threat is called SoakSoak and it has compromised more than 100,000 WordPress-supported platforms, which came to light after Google blacklisted nearly 11,000 domains that had been infected with this malware.
Although this infection occurs at the level of the server where the web page is hosted, there are also problems for the user who visits the affected address: normal browsing is interrupted by constant redirections to portals related to SoakSoak, where the download is also started. of files that install malicious code on the user’s computer.
For website developers who keep their work on WordPress, it should be noted that the malware modifies the wp-includes / template-loader.php file to force the wp-includes / js / swobject.js module to be performed on all pages, which results in the execution of the Java code that contains the script to load SoakSoak.
For the moment, more details are awaited on the methods of contagion of the infection and how to avoid them, being the task of each webmaster to be aware of the situation to avoid falling into this problem or remove it from their platform if they are already involved. .
via New Malware Has Affected Over 100,000 WordPress-Based Websites – FayerWayer.
[+] Videos de nuestro canal de YouTube