Those familiar with the geek side of the tech industry are likely to be familiar with the many programming languages behind the world’s most popular software. There is Java that is used for Android, Microsoft’s C # and C and C ++ that is the basis of many high performance applications, from server to games and those that control rockets and satellites. When it comes to the Web and the invisible layers of the Internet, however, the venerable Perl has been one of the languages of choice and has now undergone a major setback that could put many of its users at risk from hackers.
Despite its history and lineage, Perl has become less popular in recent years, falling behind in younger programming languages such as Python and Rust. It cannot be denied, however, that many systems still rely on Perl and its developers swear by the convenience of CPAN, the Comprehensive Perl Archive Network, which has become the model for other languages to follow. Unfortunately, the latter can now become a risk after one of the Perl domains has been hijacked.
Over the weekend, the Perl infrastructure blog, Perl NOC, reported that perl.com was hijacked and no longer points where it should. Instead of being a Perl-related news and articles site, it now points to a parking site, but that is only superficial. The most worrying finding is that there are indications that it points to IP addresses that have been used to distribute malware in the past.
To be clear, the official website for the Perl programming language, perl.org, remains secure and intact. Perl.com, unfortunately, is also used as a mirror or backup to distribute modules via CPAN. In other words, there is a risk that hijackers could take advantage of this connection to compromise systems using Perl and CPAN.
The work is already being done to recover the domain, although there is still no estimated time for everything to return to normal. In the meantime, it is highly recommended not to visit perl.com and remove it from CPAN settings.