The PHP group states that PHP Group will change the Password
for an account on php.net, after the attackers attack the programming language
decide to change the site’s SSL certificate, as two servers and stick the
malicious code in the website.
On Tuesday security breach has confirmed that the Google
safe browsing service has blacklisted the site for scattering malware, which
stimulated the Mozilla Firefox and Google chrome to block the users from visit
it.
The PHP Group initially predicts that the warnings are
because of the false positive detection, but a more depth investigation
discloses that the attackers had injected into the malicious JavaScript code
into one of the site files called userprefs.js. That code executed employ from
a third party website that if successful, establishes a piece of malware on
visitor’s computers.
The PHP group investigated, which is still in progress,
disclosed that the compromise extended to two servers: the server that hosted
www.php.net, static.php.net and git.php.net and bugs.php.net, the project's bug
tracking system.
There is no prove that the PHP distribution packages or the
Git source used for source code management have been conceded.
The PHP group claimed that “We have checked our Git
repository was not negotiated and it remains in read mode only as services are
carried in the full backup.”
The technique used by the attackers to compromise the two
servers and stick the rogue code into userprefs.js has yet to be checked out.
The PHP Group said. Php.net operators who contribute to various project like
svn.php.net or git.php.net is having their password reset.
The visitors who had visited between the oct.22 and Oct. 24
on php.net should scan their computers for malware.
.
0 comments:
Post a Comment