Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Clean up your Wordpress plugins to avoid SoakSoak and other malware threats

Tony Bradley | Dec. 22, 2014
Watch out for SoakSoak, a new malware threat that has compromised more than 100,000 Wordpress websites and led to more than 11,000 domains' being blacklisted by Google. Wordpress is a hugely popular and widely used Web publishing platform, so it's important to understand how the SoakSoak malware works, and what you can do to prevent your own Wordpress site from being compromised.

Just as attackers have compromised smaller, less secure third parties as a means of attacking larger victims like Target, malware developers know that it's much easier to discover and exploit vulnerabilities in third-party plugins. The fact that SoakSoak has been able to spread to more than 100,000 Wordpress sites is evidence of the risk you're exposing yourself to by leaving out of date or unused plugins active on your website.

Hansen summed up, "Companies like WordPress.com and WPEngine.com do reduce the damage by quickly identifying and fixing the problems for the clients, but it's best to keep the fewest plugins possible installed."

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.