Mozilla Firefox and Google Chrome issue a warning that PHP.net is riddled with malware thanks to Google’s safe browsing API. Google’s security blacklist service has tagged the site as malicous.
PHP.net is the home for information, education and releases related to the popular scripting language. PHP is a scripting language that runs on the server instead of in your browser. The advantage to this is that it requires no browser plugins or extensions to work.
Google claims that during a 90 day period of testing, 4 pages of the 1613 pages tested downloaded and installed malware without their permission. The malware discovered by the Google safe browsing API consisted of 4 Trojans all hosted on different domains, cobbcountybankruptcylawyer.com, stephaniemari.com, northgadui.com and satnavreviewed.co.uk. Of these, 3 seem to be middle men – stephaniemari.com, northgadui.com, and satnavreviewed.co.uk.
In a Tweet Just a few hours ago Rasmus Lerdorf, the creator of PHP, claimed this is a false positive.
Google Chrome issues the following warning:
And Mozilla Firefox shows this:
So far no warnings for PHP.net appear in web the security features of Sophos, ESET, Symantec or McAfee.