PHP :: Bug #65957 :: Google safebrowsing detecting malware

Bug #65957

Google safebrowsing detecting malware

Submitted:

2013-10-24 08:42 UTC

Modified:

2013-12-10 09:24 UTC

Votes:	2
Avg. Score:	4.5 ± 0.5
Reproduced:	2 of 2 (100.0%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

Chris at 8086 dot net

Assigned:

karldeux (profile)

Status:

Closed

Package:

Website problem

PHP Version:

Irrelevant

OS:

N/A

Private report:

CVE-ID:

None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	Chris at 8086 dot net
New email:
PHP Version:		OS:

New/Additional Comment:

[2013-10-24 08:42 UTC] Chris at 8086 dot net

Description:
------------
Visit http://www.php.net/ in Google Chrome.

Expected result:
----------------
View php.net website.

Actual result:
--------------
## Message in Chrome when visiting site.

The Website Ahead Contains Malware!

Google Chrome has blocked access to www.php.net for now.

## Avanced/details shows.

What is the current listing status for php.net?
Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 1513 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-10-23, and the last time suspicious content was found on this site was on 2013-10-23.
Malicious software includes 4 trojan(s).

Malicious software is hosted on 4 domain(s), including cobbcountybankruptcylawyer.com/, stephaniemari.com/, northgadui.com/.

3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including stephaniemari.com/, northgadui.com/, satnavreviewed.co.uk/.

This site was hosted on 75 network(s) including AS36752 (YAHOO-SP1), AS23148 (TERREMARK), AS36444 (NEXCESS-NET).

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2013-10-24 08:54 UTC] bjori@php.net

We have already attempted to contact Google about this problem (requested a review, as described in their FAQs), and seemingly there is nothing we can do at this moment but to wait for them to decide to unblock us.

Sorry.

[2013-10-24 11:43 UTC] sandshrew at gmail dot com

Might be relevant:
news.ycombinator.com/item?id=6604251

[2013-10-24 12:55 UTC] johannes@php.net

Related To: Bug #65959

[2013-10-24 21:06 UTC] aharvey@php.net

Related To: Bug #65964

[2013-12-10 09:24 UTC] karldeux@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: karldeux

[2013-12-10 09:24 UTC] karldeux@php.net

Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php

Google won't detect it as malware anymore.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Sep 10 17:00:01 2025 UTC