Google detected Malware on PHP.net website; Flagged as 'Suspicious' site

If you are today trying to visit the php.net website, an official website of the PHP scripting language, you will likely see the above shown result, instead of the original website.

Chrome and Firefox is currently flagging the site as "suspicious" and contains malware that can harm your computer.

According to Google's Webmaster Tools, the script at http://static.php.net/www.php.net/userprefs.js was included as suspicious, and Google's Safe Browsing diagnostics for php.net do suggest that malware has been present on the site in the last 90 days:

"Of the 1513 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent."

"Malicious software includes 4 trojan(s). Malicious software is hosted on 4 domain(s), including cobbcountybankruptcylawyer.com/, stephaniemari.com/, northgadui.com/ . 3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including stephaniemari.com/,northgadui.com/, satnavreviewed.co.uk/ ." 

The obfuscated JavaScript "userprefs.js" inserts a hidden iframe into the webpage, which loads content from an external site known for distributing malware.

This suggests that the website may have been compromised recently. Well, Google's Safe Browsing team will be looking into the issue and we will update this article if we hear anything from Google or PHP site owner.

Update (1:42 PM Thursday, October 24, 2013 GMT): It seems that the issue has been resolved by admins and PHP.net is back as a normal clean website, after removing malicious scripts.