Web Hosting Forum - Net Hosting Talk

We are a community of individuals and businesses passionate about web hosting. Let's build, learn, and grow together.

Official PHP Git server hacked to add malware in PHP source code

Hi all,

On Sunday, PHP programming language developer and maintainer Nikita Popov said that two malicious commits were added to the php-src repository in both his name and that of PHP creator Rasmus Lerdorf.

The malicious commits, which appeared to be signed off under the names of Popov and Lerdorf (1,2), were masked as simple typographical errors that needed to be resolved. The code appears to be designed to implant a backdoor and create a scenario in which remote code execution (RCE) may be possible. Popov said the development team is not sure exactly how the attack took place, but clues indicate that the official git.php.net server was likely compromised, rather than individual Git accounts.

As a precaution following this incident, PHP maintainers have decided to migrate the official PHP source code repository to GitHub.