The malware “SoakSoak” is exploiting a vulnerability in older versions of the WordPress plugin “Slider Revolution” and is targeting and compromising many WordPress websites. If you have installed this plugin, please update it to the latest Version immediately or deactivate/uninstall it. All versions below 4.6 are affected by this vulnerability.
As “Slider Revolution” is a premium plugin, it is oftentimes installed together with a theme without actively using it. Therefore, please check if you have this plugin installed.
You can check if your WordPress installation is infected with this Service. If you are affected, replace the following files containing the malicious code:
In addition, check your complete WordPress installation for malicious files and delete them.
WordPress Installations in Safe Mode at 1&1 are Protected
If you are using WordPress in Safe Mode with 1&1, your files are protected against changes from outside. The files mentioned above are safe. However, please update the plugin or deactivate/uninstall it as soon as possible.