Hackers Manage To Attack Official PHP Repository



Hackers briefly managed to gain control of PHP’s Git repository. Two backdoors were added to the code. So far, there is no information on how the attack succeeded.

PHP is free software, and therefore its source code is public, and anyone can download it and consult it in its official Git repository. However, only a few developers of the official project can modify that code to include new functions and fix bugs.

Although the details of the attack are not yet known, it is known that the attackers posed as two PHP developers, using their rights to modify the code. In fact, one of those affected is the creator of PHP, Rasmus Lerdorf.

Everything indicates that the attack was not fortuitous but planned, since the attackers managed to modify the code to include a “backdoor.” Specifically, a server that uses the modified code will allow remote code execution.

The backdoor is triggered by the string “Zerodium.” This is the name of a well-known exploit dealer. However, it is unlikely that Zerodium was actually responsible for the attack.

The only good news is that this malicious code did not last long on the official server. The first modification was detected a couple of hours later, thanks to a routine check that is carried out with all updates.

The only people affected are those who checked out PHP's Git code within that short period of time and installed it on a publicly accessible server.

Although the investigation of the facts is still ongoing, PHP developer Nikita Popov informed the community about the incident in an email and immediately announced that the development of PHP will take place on GitHub in the future. It was decided that “maintaining our own Git infrastructure is an unnecessary security risk,” says Popov.

So far, PHP has used a combination of the software Gitolite and a self-developed access system called Karma. According to Popov, everything indicates that the Git hosting server has been compromised and that it is not an attack on individual accounts.

In addition, more restrictions have been imposed for those who want to participate in the project, including measures such as two-step authentication.

Sabarinath is the founder and chief-editor of Code and Hack. With an unwavering passion for all things futuristic tech, open source, and coding, he delves into the world of emerging technologies and shares his expertise through captivating articles and in-depth guides. Sabarinath's unique ability to simplify complex concepts makes his writing accessible and engaging for coding newbies, empowering them to embark on their coding journey with confidence. With a wealth of knowledge and experience, Sabarinath is dedicated to providing valuable insights, staying at the forefront of technological advancements, and inspiring readers to explore the limitless possibilities of the digital realm.
