Official PHP Git Server Attacked In An Endeavor To Bury Malware In The Codebase

22
Optus Places McAfee Monitoring on its Home Router to Prevent Malware

The official PHP Git server has been negotiated in a possible attempt to plant malware into the codebase of the PHP project.

Recently, Nikita Popov, PHP programming language developer, and maintainer said in a statement that two malicious commits were appended to the PHP-src repository in his name as well as that of PHP inventor Rasmus Lerdorf.

However, rather than avoiding detection by appearing very benign, contributors who carefully looked at the ‘Fix typo’ commits remarked malicious code that prompted arbitrary code within the user-agent HTTP header if a string started with content related to Zerodium.

To Read More: ZDNet