Information Security News mailing list archives
PHP.net compromised and used to attack visitors
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 25 Oct 2013 08:30:51 +0000 (UTC)
http://www.networkworld.com/news/2013/102513-phpnet-compromised-and-used-to-275241.html By Lucian Constantin IDG News Service October 24, 2013Visitors to the official website for the PHP programming language over the past couple of days might have had their computers infected with malware.
Hackers managed to inject malicious JavaScript code into a file on the php.net site called userprefs.js. The code made requests to a third-party website that scanned visitors' browsers for vulnerable plug-ins and executed exploits that, if successful, installed a piece of malware, said Daniel Peck, a research scientist at Barracuda Networks.
One of Barracuda's research tools detected and captured attack traffic from php.net late Tuesday evening, according to Peck.
The exploits served during the attack came in the form of malicious SWF files, so they most likely targeted vulnerabilities in Adobe Flash Player. However, Barracuda's researchers are still conducting their analysis and haven't identified yet exactly which vulnerabilities were targeted, Peck said.
[...] -- Find the best InfoSec talent without breaking your recruiting budget! Post a Job, $99 for 31 days. Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
Current thread:
- PHP.net compromised and used to attack visitors InfoSec News (Oct 25)