Technology

PHP.net Website Will Have Renewed SSL Certificates

November 14, 2013 | By Editor 

With a goal to secure access and make the website more user friendly, the PHP group is planning to reset passwords on the official php.net website. It is the official website of the PHP programming language. The website has been compromised by unidentified attackers just days ago when they took control of two different servers and multiple malicious codes were injected into the pages. In order to stop them from claiming more pages, the developers have decided to change their SSL Certificates.

The new encryption procedure will ensure even if the keys were compromised or if the attackers tried to exploit the existing security system, they will be unable to do so. Website attack was confirmed when Google Safe Browsing service, an initiative by the search engine giant to stop malware distribution found the PHP website to be distributed trojans, bugs as well as multiple virus files to its visitors. It is a popular site frequented by huge lists of visitors from around the globe and one stop source for everything that programmers need.

PHP SSL Certificates

At first, the group couldn’t recognize whether the attack is for real. They safely assumed that this is a false positive alert and the website is indeed safe. After a certain time period, they investigated various parts of the pages to see if any malware injection can be found. They found a malicious Javascript code named userpref.js which exploited third party websites and made sure whatever malware developed by the attackers was subtly injected into the visitors computers.

A strong investigation PHP group team is now working while SSL Certificates are being changed. The team’s main objective is to see if PHP distribution packages are being supplied and also to make sure if the source code has been compromised or not. Every affected service is now no longer being hosted in the same server and has been fully shifted for security reasons.

Java script malicious code has been confirmed to be the malware that the attackers injected but the original method they used to inject this script is unknown as of now. The team is investigating to find their source and the way they manipulated the website into acting as a host to distribute the said malware. SSL Certificates on the website will be revoked now because the PHP group doesn’t want hackers exploiting private certificate keys in case they have managed to get hold of it during the breach. A new cert is yet to be issued to the sub domains as well and users who visited the website in the month of October are being advised to run a full scan for malware instances.

<< Report States 8 Out of 10 Users Are Trojan InfectedHow To Use Gmail SSL Encryption? >>

Posted in Technology

Be Sociable, Share!

Leave a Comment


 


* fields are mandatory