Notepad++ hijacked by state-sponsored hackers

Pierre-Yves Lapersonne@programming.dev · 19 days ago

Wurzelfurz@feddit.org · 18 days ago

He added a link to a deep dive for the backdoor used in the attack.

artyom@piefed.social · 18 days ago

I’m so confused.

It doesn’t say anything about “state-sponsored attackers” outside of the headline? What state? Why?
Why is a Notepad app connecting to any servers or have credentials at all?

voracitude@lemmy.world · edit-2 2 days ago

deleted by creator

Dem Bosain@midwest.social · 18 days ago

It wasn’t specifically notepad++ code, but a custom-written updater. That’s why it was connecting to the internet.

village604@adultswim.fan · 18 days ago

I mean, it is n++ code because the updater is part of the code base. They just didn’t have the connection to the update server hardened.

This was patched in like December, though.

Calfpupa [she/her]@lemmy.ml · 18 days ago

It used to be that being a ML (Malicious Linguist) in someones garage was the rage, now we got “Hackers with Chinese characteristics” smh