Magento | PHP | Shopify | WordPress Tutorial

Magento vendor Fishpig hacked – Rekoobe malware

Fishpig, a vendor of popular Magento-Wordpress integrations, has been hacked. Hackers have injected malware in multiple extensions from FishPig, a vendor of Magento-WordPress integrations that count over 200,000 downloads.
FishPig has confirmed the incident and published a status page. It recommends customers to upgrade and/or reinstall all FishPig modules.
Magento is a popular open-source eCommerce platform used for building electronic shops, supporting the sale of tens of billions USD worth of goods annually.

The malware

Hackers injected malicious code into License.php, a file that validates licenses in premium FishPig plugins, which downloads a Linux binary (“lic.bin”) from FishPig’s servers (“license.fishpig.co.uk”).The binary is Rekoobe, a remote access trojan (RAT) that has been seen in the past being dropped by the ‘Syslogk’ Linux rootkit.
The binary is Rekoobe, a remote access trojan (RAT) that has been seen in the past being dropped by the ‘Syslogk’ Linux rootkit.

Solution

As per fishpig stated , merchants need to reinstall the extension

It is recommended to upgrade all FishPig modules, or reinstall existing versions from source, regardless of whether or not you are using extensions known to be infected. This will ensure clean and secure code on your system.

By Jignesh Chabhadiya

I am a Software Engineer with 9+ years of experience in software development. I am a Magento Certified Developer / Adobe Certified Expert-Adobe Commerce Developer.I have sharp skills in PHP language, Magento, WordPress, Shopify, HTML, CSS, Jquery, AJAX. Love to take challenges in troubleshooting problems of the software world. Familiar with web development and content management systems.

Leave a comment

Your email address will not be published. Required fields are marked *