HaBangNet Corp

×
×

News: PEAR PHP Compromised - Possible Backdoor Going Back 6 Months!

Published: 24/01/2019 Back

If you use the popular PEAR PHP extension or have within the last 6 months, there is a possibility that a backdoor could have been introduced depending on how you installed the extension.

"... this does *not* affect the PEAR installer package itself... it affects the go-pear.phar executable that you would use to initially install the PEAR installer. Using the `pear` command to install various PEAR package is *not* affected."

There is still a lot of questions and PEAR PHP are in the process of investigating the full extent of what happened. Please check the references below for the latest updates.

Reference(s):
------------

https://twitter.com/pear

http://blog.pear.php.net/

https://arstechnica.com/information-technology/2019/01/pear-php-site-breach-lets-hackers-slip-malware-into-official-download/


Powered by HostBill