Notepad++ Update Hijack Exposed as Potential Spy Operation

The developer of popular text and code editor Notepad++, Don Ho, has revealed that the app’s shared hosting servers were hijacked by a malicious update for months, potentially compromising user data and allowing for espionage. According to Ho, the hacking incident occurred at the end of the app’s unnamed hosting provider and lasted from June 2022 until December 1st, 2023. The update in question was likely designed by a state-sponsored Chinese group, with its primary intention being to spy on unsuspecting users. The malicious update exploited vulnerabilities in Notepad++’s server-side traffic, redirecting it to attacker-controlled servers for analysis. This could have exposed sensitive information about users who downloaded and installed the tainted update during this six-month period. Ho has since taken steps to rectify the situation and ensure that users can trust the app’s updates moving forward.