phpBB Forum Software

An unknown attacker compromised two download links for the phpBB forum software: the phpBB 3.2.2 full package and the phpBB 3.2.1 -> 3.2.2 automatic updater.

The compromised download links were live for only 181 minutes.

The point of entry was a third-party site.

The download links sent users off-site to modified copies of the original phpBB files that contained additional "malicious code".

The infrastructure team responded quickly and removed the malicious version, limiting the impact to around 500 individuals.

Source: https://www.bleepingcomputer.com/news/security/hacker-compromised-official-phpbb-download-links/

TPRM report: https://www.rankiteo.com/company/phpbb-ltd

"id": "php185913522",
"linkid": "phpbb-ltd",
"type": "Ransomware",
"date": "6/2017",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': '500',
                        'industry': 'Software Development',
                        'name': 'phpBB',
                        'type': 'Organization'}],
 'attack_vector': 'Compromised Download Links',
 'description': 'An unknown attacker compromised download links for the phpBB '
                'forum software including the phpBB 3.2.2 full package and the '
                'phpBB 3.2.1 -> 3.2.2 automatic updater.',
 'initial_access_broker': {'entry_point': 'Third-party site'},
 'motivation': 'Malicious Intent',
 'response': {'containment_measures': 'Removed malicious links'},
 'threat_actor': 'Unknown',
 'title': 'phpBB Forum Software Download Links Compromise',
 'type': 'Software Tampering'}