#Php code hacked to backdoors to software#
The backdoor mechanism was first spotted by Michael Voek, a Czech-based software engineer. When a site gets hacked, it seldom happens that the hacker has not left behind a malware to get access of the website again, in the future. "We don't yet know how exactly this happened, but everything points towards a compromise of the server (rather than a compromise of an individual git account)," Popov wrote. Hackers have breached the internal Git repository of the PHP programming language and have added a backdoor to the PHP source code in an attack that took place over the weekend, on Sunday, March 28. The hackers uploaded two pieces of malicious code as part of a commit to the PHP code base using the names of two core PHP developers, Rasmus Lerdorf and Nikita Popov, the developer who disclosed the breach. One of the PHP core developers disclosed the breach on the programming language's official mailing list on Sunday night, and the news was first reported by Bleeping Computer. PHP is used to program the servers behind almost 80 percent of websites on the internet, which means that this attack, if it had gone undetected, could have given the hackers the ability to take control of thousands of sites. Yesterday, two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their server.
Hackers broke into the internal code repository of the PHP programming language and tried to backdoor the source code in a brazen attempt to hack the internet's supply chain. Here is the input that we will give: Harry Potter’ union select < system (REQUEST ‘cmd’) >,2,3 INTO OUTFILE ‘/var/www/test/execcmd. If you think that your website may have a PHP backdoor, the first step is to remove the malware from your environment.
0 kommentar(er)
