Attackers mount Magento supply chain attack by compromising FishPig extensions (Security News, September 2022)
FishPig, a UK-based company developing extensions for the popular Magento open-source e-commerce platform, has announced that its paid software offerings have been injected with malware after its distribution server was compromised.
How the attackers compromised the FishPig extensions
Sansec researchers said that the FishPig distribution server was compromised on or before August 19th. "Any Magento store that installed or updated paid FishPig software since then is now likely running the Rekoobe malware," they noted.
Php file, which is included in most FishPig extensions.
The only good news related to this Magento supply chain attack is that there's no evidence that the compromised installations have been taken advantage of.
FishPig is urging users to assume that all paid FishPig Magento 2 modules have been infected, and is advising them to upgrade all FishPig modules or reinstall existing versions from source.
News URL
https://www.helpnetsecurity.com/2022/09/14/fishpig-extensions-compromised/