Sites stumble on to malware path with plugin exploit
The numbers were not pretty. Over 100,000 WordPress websites may have been infected with malware, once again proving that where there is widespread popularity, whether in operating systems or platforms or plug-ins, there is mischief. In this case, malware that compromised certain WordPress sites was inadvertently turned into a malware distribution system. Tyler Lee in Ubergizmo reported on the incident where sites that are infected load attack code into pages viewed by visitors. As a result, said Lee, Google has since flagged more than 11,000 domains as malicious. Tony Perez, CEO of the website security company Sucuri, in tracking how this all happened, blogged with the headline "SoakSoak Malware Compromises 100,000+ WordPress Websites" that Sunday "started with a bang" with Google flagging over 11,000 domains. "Our analysis is showing impacts in the order of 100's of thousands of WordPress specific websites. We cannot confirm the exact vector, but preliminary analysis...