ID: IRCNE2013101996
Date: 2013-10-26
According to “ZDNet”, Google's safe browsing API, a security blacklist service which warns of malicious web sites, has marked the php.net site as malicious. As a result, users of Google Chrome and Mozilla Firefox get a dire warning when attempting to visit the site.
PHP is an extremely popular web server-side scripting language and PHP.net is the home page for it. PHP creator Rasmus Lerdorf tweeted several hours ago about the blockage and claimed it was a false positive.
The detail provided by Google includes the following information:
Of the 1613 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-10-24, and the last time suspicious content was found on this site was on 2013-10-23.
Malicious software includes 4 trojan(s).
Malicious software is hosted on 4 domain(s), including cobbcountybankruptcylawyer.com/, stephaniemari.com/, northgadui.com/.
3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including stephaniemari.com/, northgadui.com/, satnavreviewed.co.uk/.
The Netcraft analysis points to a Hacker News analysis which indicates that PHP.net may, in fact, have been compromised. And the file they cite as malicious has since been removed from the PHP repository.
- 2