Perl.com domain for programming language hijacked, tied to malware actors

By JC Torres/Feb. 1, 2021 12:53 am EST

Those familiar with the geekier side of the tech industry will probably be familiar with the many programming languages behind the world's most popular software. There's Java that's used for Android, C# from Microsoft, and C and C++ that underlies many high-performance applications from server to games to those that control rockets and satellites. When it comes to the Web and the invisible layers of the Internet, however, the venerable Perl has been one of the languages of choice and it has now experienced a rather major setback that could put many of its users at risk from hackers.

Despite its history and lineage, Perl has become less popular in recent years, falling behind younger programming languages like Python and Rust. It can't be denied, however, that many systems still rely on Perl and its developers swear by the convenience of CPAN, the Comprehensive Perl Archive Network, that has become the blueprint for other languages to follow. Unfortunately, that latter could now become a liability after one of Perl's domains got hijacked.

Over the weekend, the Perl infrastructure blog, Perl NOC, reported that the perl.com was hijacked and no longer points to where it should. Instead of being a site for Perl-related news and articles, it now points to a parking site but that's only on the surface. The more worrying discovery is that there are clues it is pointing to IP addresses that have been used to distribute malware in the past.

To be clear, the Perl programming language's official website, perl.org, remains secure and intact. Perl.com, unfortunately, is also used as a mirror or backup for distributing modules via CPAN. In other words, there is a risk that hijackers could take advantage of this connection to compromise systems using Perl and CPAN.

Work is already being done to reclaim the domain though there is no estimated time yet when everything will be returned to normal. In the meantime, it is strongly advised not to visit perl.com and to remove it from CPAN settings.