Hack Confirmed

Yesterday in our article Blacklisted By Google Rasmus Lerdorf, the creator of php, claimed Google reported a false positive. Today however admits two of their servers were compromised with malicous JavaScript code.

From October 22nd thru the 24th the two servers infected visitors committing code to projects hosted on or with malicous JavaScript code. Once this was discovered the services on these two servers were migrated to a secure server and a new SSL certificate was issued.

Spokes people at said, “All user passwords have also been reset, but neither the source tarball downloads nor the Git repository were modified or compromised.” 

Using an unknown method criminals injected a malicous iFrame which delivered the Tepfer Trojan from the Magnitude exploit kit onto unsuspecting users. This was confirmed by security researcher Fabio Assolini at  Kaspersky Labs. is stilling working to clean up the infection.

Traffic analisys from the web information company Alexa lists as the 229th most visited site in the world. This means there must have been quite a few computers infected by the malicous JavaScript.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s