Google's Safe Browsing technology is blocking access to PHP.net as a precaution, after apparently detecting that some of its pages were booby-trapped with links to malicious software.
PHP is an open source web development language used on millions of websites, including those powered by the popular Wordpress and Joomla suites.
Now it seems to be issue has been resolved by admins and PHP.net is back as a normal clean website, after removing malicious scripts.
As per the Google's Webmaster Tools, the script at http://static.php.net/www.php.net/userprefs.js was included as suspicious, and Google's Safe Browsing diagnostics for php.net do suggest that malware has been present on the site in the last 90 days.
"Of the 1513 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-10-23, and the last time suspicious content was found on this site was on 2013-10-23.
Malicious software includes 4 trojan(s). Malicious software is hosted on 4 domain(s), including cobbcountybankruptcylawyer.com/, stephaniemari.com/, northgadui.com/.
3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including stephaniemari.com/, northgadui.com/, satnavreviewed.co.uk/."
The obfuscated JavaScript "userprefs.js" inserts a hidden iframe into the webpage, which loads content from an external site known for distributing malware.
PHP is an open source web development language used on millions of websites, including those powered by the popular Wordpress and Joomla suites.
Now it seems to be issue has been resolved by admins and PHP.net is back as a normal clean website, after removing malicious scripts.
As per the Google's Webmaster Tools, the script at http://static.php.net/www.php.net/userprefs.js was included as suspicious, and Google's Safe Browsing diagnostics for php.net do suggest that malware has been present on the site in the last 90 days.
"Of the 1513 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-10-23, and the last time suspicious content was found on this site was on 2013-10-23.
Malicious software includes 4 trojan(s). Malicious software is hosted on 4 domain(s), including cobbcountybankruptcylawyer.com/, stephaniemari.com/, northgadui.com/.
3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including stephaniemari.com/, northgadui.com/, satnavreviewed.co.uk/."
The obfuscated JavaScript "userprefs.js" inserts a hidden iframe into the webpage, which loads content from an external site known for distributing malware.
Dear All,
ReplyDeleteWe are going to introduce you a new and exciting world of social network.
FUNBOOK
Join now for free and be a part of this fast growing online social community. Enjoy the new features at one place.
Click Here to Join
or
feel free to contact us HERE
Your precious feedback is highly appreciated
Best of Luck