SoakSoak Malware Compromises Over 100,000 WordPress Sites

/ 5 years ago


Security provider Sucuri has discovered a new form of malware that has infected over 100,000 WordPress sites. The Malware, dubbed ‘SoakSoak’, has resulted in 11,000 sites being blacklisted by Google for security reasons. Websites infected with SoakSoak are vulnerable to unstable behaviour, including randomised redirects to – the origin of the disruptive software – and forcing malicious files to download to the site visitor’s computer.

According to Sucuri’s blog:

SoakSoak malware modifies the file located at wp-includes/template-loader.php which causes wp-includes/js/swobject.js to be loaded on every page view on the website and this “swobject.js” file includes a malicious java encoded script malware.


For any owner of a WordPress blog concerned about website security, Sucuri offers the free SiteCheck tool to scan a site for malware, available on its website.

Source: Tech Worm

Topics: ,


By supporting eTeknix, you help us grow. And continue to bring you the latest news, reviews, and competitions. Follow us on Facebook and Twitter to keep up with the latest technology. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

eTeknix Facebook eTeknix Twitter eTeknix Instagram eTeknix Instagram

Check out our Latest Video

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!