A hacker (illustration).
-
Jaap Arriens / Sipa USA / SIPA
A catastrophe was averted.
A hacker has managed to break into the source code of the future version of PHP to install a "backdoor", a backdoor in the software, reports
Bleeping Computer
.
If it had not been identified, this program change could have compromised the security of many Internet sites.
The programming language PHP makes it possible to operate 80% of the totality of the Web sites in the world.
The corruption of the program was spotted this Sunday at the end of the day by the team in charge of the security of PHP.
Two changes in the source code appeared earlier today.
They claimed to correct a typo in the code.
It appeared that these changes were added by two reputable PHP developers, but it was actually a hacker behind the manipulation.
The server has been corrupted
According to the first elements of the investigation, the hacker did not corrupt the programmer's account but the server managed by the organization itself.
The malicious changes were made to PHP version 8.1 under development, which is expected to be released later this year.
If this “backdoor” had not been identified, a good number of users would have downloaded the update, believing it to be safe.
Hackers could thus have taken control of any site with the latest version of the program.
The investigation will continue to find out the extent of the flaw and ensure that no other intrusion compromises the security of the PHP program.
In the meantime, contributions will be made on the GitHub platform.
Society
Internet: The personal data of 363,000 Haut-Garonnais leaks after a hack
World
United States: Child Takes Over Nuclear Weapons Command Twitter Account
High-Tech
Hacker
Internet
Pirate
Piracy