FishPig Data Compromise

Hello,

Do you use FishPig on your Magento site? If so, please read on – they have been hacked and it could affect your business.

On 13th September 2022, FishPig, a developer of a popular Magento 2 extension, announced that they had suffered a server breach. The threat actors compromised the code base of the paid FishPig Magento 2 module, so any site which has installed the module can assume to be compromised. The announcement, along with additional remediation information, can be found here:

https://fishpig.co.uk/security-announcements/#X20220913

The malicious code installs another piece of malware called Rekoobe, a remote access trojan. The executable is deleted after being downloaded and executed, remaining only as a background process with a name that mimics legitimate system services.

If you have installed the FishPig module on your Magento 2 store, it’s highly recommended that you uninstall the current version of the module and reinstall a fresh copy. After this, you should restart your server to remove any traces of the backdoor from memory.

Sincerely,

EveryHost Security Team

FishPig Data Compromise

What is Magento & How Does It Work? The Ultimate Guide 2022

How to Disable PHP Execution in Certain WordPress Directories

Contact details

PRODUCTS & SERVICES

COMPANY

LEGAL

OTHER