From https://www.freedownloadmanager.org/blog/?p=664:
It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software. Only a small subset of users, specifically those who attempted to download FDM for Linux between 2020 and 2022, were potentially exposed. It’s estimated that much less than 0.1% of our visitors might have encountered this issue. This limited scope is probably why the issue remained undetected until now. Intriguingly, this vulnerability was unknowingly resolved during a routine site update in 2022.
Until yesterday they even didn’t know that they were hacked for years, then cleaned the file by accident when doing automatic updates; now they know who did that. Seems a way to shift blame
Have you read the code? Ukrainian clowns were behind this, just like the node-ipc NPM incident. There is a thread on HN about it as well, if you want to read.