Slider Revolution exploit | Update or get hacked

Slider Revolution exploit

Back in September 2014 Slider Revolution – a slider plugin for WordPress – was found to have an exploit. Slider Revolution was widely used as it has been bundled with a number of popular WordPress themes. According to the Securi blog the slider authors issued an update, but the hack details somehow found its way into the hacker underground network, so thousands of websites were exposed to potential hacking – but only if they didn’t update the slider plugin.

Battling the Exploit

I was recently introduced first-hand to the Slider Revolution hack through an associate who noticed Google displaying ‘This site may harm your computer‘ in search results for their site. Not exactly an enticing invitation to lure prospective clients to visit your website.

SERP with hacked warning

After initially removing the obvious hacked files, the hack re-appeared – we hadn’t removed the exploit. Then coincidentally Google WebMasters helped solve the issue with an alert – it detected the exploitable version of Slider Revolution in the site and emailed an alert.

The Learnings

There’s a couple of lessons in this for all of us:

WordPress needs to be diligently updated, which includes:

  • Core software (ie WordPress code)
  • Themes
  • All plugins

This exploit was uncovered over 6 months ago, yet this site was hacked by it, and probably many more will too. If sites where updated, these online vandals would not have such a high success rate and might get discouraged and find something useful to do with their time.

Ensure there is a current backup for your site. In many situations there’s no alternative but to roll the site back to a previous update. If that’s from a year ago, then your recovered website will not feature any recent updates/posts etc.

Use Webmasters Tools
While Google Webmasters Tools (WMT) was traditionally an resource for geeks and SEO-types like myself, increasingly Google is providing timely, ‘health check’ style info, some of which is delivered in alert emails.

I recommend you connect WMT to your site and ensure someone receives the alert emails

Get it done – even if you don’t want to do it

If you don’t want to/know how to do updates, backups and WMT registration then ensure someone is doing this for you. If its not part of your web dev’s business model then consider our WebSite Concierge Services which are designed specifically to help clients improve the integrity of their websites to avoid this type of disaster.