PHP.net hacked?

Today I was not able to access PHP.net from within Firefox without a big red warning. Did PHP.net get hacked?

PHP.net hacked

I’m currently talking to other people on IRC and news sites to get information about this hack. We are not sure weather this is a false positive at the moment.

Update 1:

Rasmus Lerdorf: Except the WebMaster Tools points to http://static.php.net/www.php.net/userprefs.js as the problem. Maybe they added some new js check?

Zeev Suraski: We know Google is flagging php-dot-net as containing malware. This is most probably incorrect and we’re working to fix it. Please RT.

Google Discussion with PHP.net Webmaster: http://productforums.google.com/forum/m/#!topic/webmasters/puLmvjtK0m8

Update 2:

Firefox and Chrome do not display php.net as malicious site anymore!

Update 3:

This malicious JavaScript might have caused the flagging: https://news.ycombinator.com/item?id=6604251

It hides in the cache or only appears to specific users.

Update 4:

The site got actually hacked and this was not a false positive. Attackers have compromised two servers. Read more: the official PHP.net statement.

 

(Featured image taken from adafruit.com.)

Leave a Reply

Your email address will not be published. Required fields are marked *