At the last minute, the PHP programming language prevented a backdoor from being channelled onto numerous web servers and developer PCs. Attackers had succeeded in smuggling malicious code into the official sources.
A corresponding warning by the PHP team was published over the weekend. Accordingly, the attackers probably used a vulnerability in the Git system of the PHP project to add their own source code. To prevent the other developers from noticing this, they faked the sender of their posts. At first glance, they looked like commits by the PHP inventor Rasmus Lerdorf or Nikita Popov, who is also part of the core team, with which only minor spelling errors should be corrected.
The attackers are betting that other programmers involved will not look closely at what should be corrected there. Fortunately, this hope was not fulfilled. And so someone discovered that two backdoors were being built into the PHP source code that could have consequences for millions of users.
Moved to GitHub
Because such supply chain attacks are very interesting for the perpetrators. In the present case, it would have been sufficient to accommodate the malicious code in PHP in order to gradually compromise an extremely large number of web servers. Because when updates were installed, the malicious code would have been installed at the same time. The attackers would then have been able to smuggle further code onto the affected server and execute it.
The attack on the PHP sources is probably due to a vulnerability in the Git installation itself and not to user accounts that were taken over. As a consequence of the matter, the PHP team decided to give up the operation of their own code management system and to host the entire project directly on GitHub in the future. The infiltrated backdoors have already been completely removed. In addition, the supporters are currently working through the past code submissions to ensure that no further vulnerabilities were built into PHP.
I’m a communication enthusiast and junior editor-reporter at Research Snipers RS-NEWS, I have completed a degree in Mass Communication but very enthusiast about new technology, games, and mobile devices. I have the main interest in Technology, business and social news.