8
votes
If you installed PEAR PHP in the last 6 months, you may be infected.
Link information
This data is scraped automatically and may be incorrect.
- Title
- PEAR PHP site breach lets hackers slip malware into official download
- Authors
- Dan Goodin
- Published
- Jan 23 2019
- Word count
- 600 words
Quick note: To my knowledge, this only affects
pear.php.net
direct downloads of thego-pear.phar
file, particularly important to consider if you've installed on Windows or Mac machines where PEAR doesn't come pre-packaged with PHP.Additionally, the PEAR Twitter account indicates that Homebrew installs should not be compromised and that the date range of infection is likely only for installs after 2018-12-20. For the latter, there's no guarantee and you should still validate your installs, but there's no indication that earlier installs are affected.
For real-time information from the PEAR team, check their Twitter account. Their website is down for now, but a blog post will be up once they're satisfied with a fix and have everything up and running again.