Kaspersky Lab senior security researcher Fabio Assolini said on Twitter that if successful, the exploits installed a Trojan program called Tepfer.
The Tepfer malware is designed to steal log-in credentials and configuration information from FTP client software, according to an August analysis by researchers from Fortinet.
Many users who visit the php.net website are Web developers and they are likely to store FTP log-in credentials on their computers for the websites they maintain. Users who believe they might have been compromised as a result of this attack should probably change the log-in credentials stored in their FTP clients.
Sign up for CIO Asia eNewsletters.