The developers of the PHP programming language fell victim to a hacker attack. As “Bleeping Computer” reports, the criminals have succeeded in building a back door into the source code of the programming language. Web servers on which this manipulated PHP version would have been used would have been easily vulnerable afterwards.
Disguised as a trivial correction
The focus of the attack was the PHP developers’ Git server. These servers make it possible to develop program code together. Changes are made via so-called “Commits”.
According to “Bleeping Computer”, the criminals managed to submit such a commit on behalf of PHP inventor Rasmus Lerdorf. According to the accompanying comment, it was an “irrelevant typographical correction”.
Fixed problem, curbed source code
It took a few hours to notice the malicious change and to reverse it, “Bleeping Computer” quotes a PHP developer. It is assumed that the attack did not take place via a hacked user account, but rather via vulnerabilities in your own Git server.
The PHP development team has already reacted accordingly: “We have decided that maintaining our own Git infrastructure is an unnecessary security risk and that we will no longer operate the git.php.net server,” “Bleeping Computer” quotes PHP -Maintainer Nikita Popov. The team now maintains the source code for the programming language on the public platform Github. This has belonged to the tech group Microsoft since the summer of 2018, which at the time shelled 7.5 billion US dollars for it.
If you would like to read more about cybercrime and cybersecurity, register here for the weekly newsletter from Swisscybersecurity.net. The portal has daily news about current threats and new defense strategies.