PHP’s Git Server Hacked To Add Backdoors To PHP Source Code

dotancohen writes: Late Sunday night, on March 28, 2021, Nikita Popov, a core PHP committer, released a statement indicating that two malicious commits had been pushed to the php-src Git repository. These commits were pushed to create a backdoor that would have effectively allowed attackers to achieve remote code execution through PHP and an HTTP header. “The incident is alarming considering PHP remains the server-side programming language to power over 79% of the websites on the Internet,” adds BleepingComputer.

“In the malicious commits [1, 2] the attackers published a mysterious change upstream, ‘fix typo’ under the pretense this was a minor typographical correction. However, taking a look at the added line 370 where zend_eval_string function is called, the code actually plants a backdoor for obtaining easy Remote Code Execution (RCE) on a website running this hijacked version of PHP.”

According to Popov, the first commit was detected a couple hours

Original URL:

Original article

Comments are closed.

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: