Rekall IncorporatedFeb 4

Notepad++ users take note: It's time to check if you're hacked

Suspected China-state hackers used update infrastructure to deliver backdoored version.

Notepad++ users take note: It's time to check if you're hacked

Suspected China-state hackers used update infrastructure to deliver backdoored version.

Ars Technica
Show threadKissaki

Direct link to the indicators of compromise that you can check on

The update system hoster determined the compromise was only used against specific targets, so it’s relatively unlikely “normal people” would have been compromised. But if you want to check, you can check on those indicators. These only cover what was discovered on identified compromise, though.

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Rapid7 Labs, together with the Rapid7 MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group Lotus Blossom.

Rapid7
Feb 5 at 7:21amWeb