Tag Archive for WordPress

Russian malware SoakSoak has soaked through 100,000 WP Sites already

Posted on December 16, 2014 by

malwaresymbolThe Russians are at it again. Online security firm Sucuri has said it has detected a malware called SoakSoak which has infected over 100,000 WordPress (WP) Sites since last Sunday.

According to Sucuri, the malware uses a vulnerability in a slideshow plug-in called Slider Revolution. The Slider Revolution team, it claimed, had known about the vulnerability since September, but they failed to fix it.

A post on the official Sucuri blog said: Yesterday we disclosed a large malware campaign targeting and compromising over 100,000 WordPress sites, and growing by the hour. It was named SoakSoak due to the first domain used in the malware redirection path (soaksoak.ru).

After a bit more time investigating this issue, we were able to confirm that the attack vector is the RevSlider plugin. We disclosed a serious vulnerability with this plugin a few months ago, it seems that many webmasters have either not heard of or did not take seriously the vulnerability.

The biggest problem, it seems, is that the RevSlider plugin is a premium plugin, which means it’s not something everyone can easily upgrade. The security firm posted that some Website owners did not even  know they had contracted the virus, as it had been packaged & bundled into their themes. Sucuri said it was remediating 1000s of Sites.

There’s also a warning for some from Sucuri: We are hearing a lot of recommendations Online to just replace the swfobject.js and template-loader.php files to remove the infection.

It does removes the infection, but does not address the left over backdoors and initial entry points. The website will be reinfected quickly. If you are affected by this, expect to find yourself riddled with backdoors and infections, you have to not only clean, but also stop all malicious attacks. You can stop malicious attacks through the use of a Website Firewall, ours or someone else, just use a Firewall, a real one preferably.

You may also want to read: Android users since 2010 may have had their data exposed because of vulnerability

Advertising Message

Comments Off on Russian malware SoakSoak has soaked through 100,000 WP Sites already Posted in Internet News

ThemeBro finds you the “perfect” WP theme

Posted on November 8, 2014 by

WordPress Themes

For all those of you out there who are about to launch a Website on WordPress, here’s a cool tool that helps you select the “right” theme for it. As most of you may already be aware, before launching a Site you need tobook a domain name & have a tie-up with an Internet hosting company. Then comes the delicate part, the design/visual element – what WP theme to use for your Site.

The standard way is more a hit-n-trial one – do research on the Web, look around for themes you think could be right for your yet-to-be-launched Website, & then, leave it to Lady Luck (in 99% cases) & hope you’ve got it right.

This kind of arbitary approach can now be done away with using this startup called ThemeBro. Designed by Heidi Pungartnik, a Slovenia-based designer & entrepreneur, owner of Design for Founders, ThemeBro has made the selection of a WP theme into an exact science to help you choose the best for your Website.

Simply go to ThemeBro & key in some inputs such as the kind of layout you want your Site to have, the color, etc & it throws up some of the best themes based on your choices. You may then select any one. Plus, the tool is free to use. This one is just like a search engine for a suitable WP theme.

Image Credit: ThemeBro

Advertising Message

Comments Off on ThemeBro finds you the “perfect” WP theme Posted in Internet News
« Older Entries