Popular Magento WordPress Blog Extension FishPig Gets Hacked


FishPig announced on their website that an intrusion was detected on their own website. The same file that allowed hackers to infiltrate FishPig is also used in the majority of FishPig’s extensions. The issue has also been reported by the security firm Sucuri.

FishPig says:

“An intrusion to the FishPig.co.uk extension license system was detected, causing a small piece of malicious PHP code to be injected pre-obfuscation into the Helper/License.php file. This file is included in most FishPig extensions so it is best to assume that all paid FishPig Magento 2 modules have been infected.”

https://fishpig.co.uk/security-announcements/#X20240913

This means that any website with FishPig extensions can get hacked at any moment. Upgrading whatever FishPig extension you are using is of course a must. The most popular FishPig extension is the WordPress to Magento Integrator, which was also our recommendation to our clients until 2020. Since then we have simply used Magento native blog extensions to keep things simple.

To find out whether your FishPig extension is infected, FishPig recommends running this command:

php <(curl -Ls https://fishpig.co.uk/rekoobe-sh)

The script can be read in plain text at this link, so you can review it before running it:

https://raw.githubusercontent.com/bentideswell/magento2-rekoobe-cleaner/main/bin/fishpig_rekoobe_clean

FishPig's own article gives a lengthy explanation of what to do and how. We recommend reading it if you plan to continue with FishPig. If that is too difficult, we recommend using another blog extension and migrating your posts.
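To see which installed modules carry the Helper/License.php file named in the announcement, the following added example (not FishPig's cleaner and not code from the original post) lists every copy with its SHA-256, so you can record the values before upgrading and confirm afterwards that each file was replaced. It assumes modules are installed under vendor/fishpig (Composer) or app/code/FishPig; MAGENTO_ROOT is a hypothetical variable used only here.

```shell
#!/bin/sh
# Added example: inventory every Helper/License.php shipped by a FishPig
# module inside a Magento 2 installation.
# Assumption: modules live in vendor/fishpig/* or app/code/FishPig/*.

# Print the path of each FishPig Helper/License.php under the given root.
find_fishpig_license_files() (
    root="${1:-.}"
    for dir in "$root/vendor/fishpig" "$root/app/code/FishPig"; do
        # Skip install locations that do not exist on this site.
        [ -d "$dir" ] || continue
        find "$dir" -type f -path '*/Helper/License.php' 2>/dev/null
    done | sort
)

# Print "sha256  path" for each file found, one per line.
# Run once before and once after upgrading; a hash that did not change
# points at a module that still carries the old file.
inventory_fishpig_license_files() (
    find_fishpig_license_files "${1:-.}" | while IFS= read -r f; do
        hash=$(sha256sum "$f" | cut -d' ' -f1)
        printf '%s  %s\n' "$hash" "$f"
    done
)

# Print how many FishPig License.php files exist under the given root.
count_fishpig_license_files() (
    find_fishpig_license_files "${1:-.}" | wc -l | tr -d ' '
)

# Run the inventory only when MAGENTO_ROOT (hypothetical variable) is set.
if [ -n "${MAGENTO_ROOT:-}" ]; then
    inventory_fishpig_license_files "$MAGENTO_ROOT"
fi
```

Run it as `MAGENTO_ROOT=/path/to/magento sh inventory.sh > before.txt`, upgrade, run it again into `after.txt`, and diff the two files.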

If you need help with this subject or Magento upgrades, please contact us today.