Attackers mount Magento supply chain attack by compromising FishPig extensions
FishPig, a UK-based company developing extensions for the popular Magento open-source e-commerce platform, has announced that its paid software offerings have been injected with malware after its distribution server was compromised.
How the attackers compromised the FishPig extensions.
Sansec researchers said that the FishPig distribution server was compromised on or before August 19th. "Any Magento store who installed or updated paid Fishpig software since then, is now likely running the Rekoobe malware," they noted.
Php file, which is included in most FishPig extensions.
The only good news related to this Magento supply chain attack is that there's no evidence that the compromised installations have been taken advantage of.
FishPig is urging users to assume that all paid FishPig Magento 2 modules have been infected, and is advising them to upgrade all FishPig modules or reinstall existing versions from source.
News URL
https://www.helpnetsecurity.com/2022/09/14/fishpig-extensions-compromised/