PHP :: Bug #65957 :: Google safebrowsing detecting malware

Bug #65957

Google safebrowsing detecting malware

Submitted:

2013-10-24 08:42 UTC

Modified:

2013-12-10 09:24 UTC

Votes:	2
Avg. Score:	4.5 ± 0.5
Reproduced:	2 of 2 (100.0%)
Same Version:	0 (0.0%)
Same OS:	0 (0.0%)

From:

Chris at 8086 dot net

Assigned:

karldeux (profile)

Status:

Closed

Package:

Website problem

PHP Version:

Irrelevant

OS:

N/A

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	Chris at 8086 dot net
New email:
PHP Version:		OS:

New Comment:

[2013-10-24 08:42 UTC] Chris at 8086 dot net

Description:
------------
Visit http://www.php.net/ in Google Chrome.

Expected result:
----------------
View php.net website.

Actual result:
--------------
## Message in Chrome when visiting site.

The Website Ahead Contains Malware!

Google Chrome has blocked access to www.php.net for now.

## Avanced/details shows.

What is the current listing status for php.net?
Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 1513 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-10-23, and the last time suspicious content was found on this site was on 2013-10-23.
Malicious software includes 4 trojan(s).

Malicious software is hosted on 4 domain(s), including cobbcountybankruptcylawyer.com/, stephaniemari.com/, northgadui.com/.

3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including stephaniemari.com/, northgadui.com/, satnavreviewed.co.uk/.

This site was hosted on 75 network(s) including AS36752 (YAHOO-SP1), AS23148 (TERREMARK), AS36444 (NEXCESS-NET).

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2013-10-24 08:54 UTC] bjori@php.net

We have already attempted to contact Google about this problem (requested a review, as described in their FAQs), and seemingly there is nothing we can do at this moment but to wait for them to decide to unblock us.

Sorry.

[2013-10-24 11:43 UTC] sandshrew at gmail dot com

Might be relevant:
news.ycombinator.com/item?id=6604251

[2013-10-24 12:55 UTC] johannes@php.net

Related To: Bug #65959

[2013-10-24 21:06 UTC] aharvey@php.net

Related To: Bug #65964

[2013-12-10 09:24 UTC] karldeux@php.net

-Status: Open +Status: Closed -Assigned To: +Assigned To: karldeux

[2013-12-10 09:24 UTC] karldeux@php.net

Thank you for your bug report. This issue has already been fixed
in the latest released version of PHP, which you can download at 
http://www.php.net/downloads.php

Google won't detect it as malware anymore.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Sep 10 21:00:01 2025 UTC