Notepad++ Users in China Hack May Have Received Backdoored App
China state hackers breached Notepad++ infrastructure for months, delivering malicious updates to targeted users with a sophisticated backdoor named Chrysalis.
Notepad++: A popular Windows app was hacked. From June to December, hackers from China broke into the app’s update system. They sent bad versions of the app to some users. The hackers used a special tool called Chrysalis to steal information.
The attack worked like this: When the app checked for updates, it went to bad servers instead of good ones. The bad servers sent files that had hidden spyware. Even after the main attack stopped in September, the hackers kept access until December. They could still pick which users got bad updates.
Three companies found hackers in their computers after employees used Notepad++. All three companies work in East Asia. The app maker found the problem in November when they changed how updates worked. Security experts say you had to break into the internet service itself to do this attack. They also warn that fake versions of Notepad++ are easy to find online with links to trojan software.