JAKARTA - A group of Chinese-sponsored hackers is reported to have hijacked the Notepad++ update system, a popular text editor available on Windows, to distribute malicious software.
The attack exploited a weakness in the website's official domain to redirect downloads to an attacker's server. According to the investigation conducted by the Notepad++ developers, the hackers targeted the hosting provider of the notepad-plus-plus.org domain.
This allowed the hackers to modify the automatic update download links, so users could unknowingly download updates containing viruses. The attack is suspected to have been going on since June 2025.
Although the attack has been going on for a long time, the hackers targeted only certain organizations in the US. Users affiliated with the telecommunications and financial services sectors were the main targets.
"The attackers specifically targeted the Notepad++ domain with the aim of exploiting inadequate update verification controls," said Notepad++ developer Don Ho, as quoted by PC Mag on Thursday, February 5.
The Notepad++ security report states that the hackers distributed a program called update.exe that automatically opens a backdoor on the victim's computer. The program hides files in the system folder to steal sensitive data.
As a remediation step, Notepad++ is now releasing the latest versions, 8.8.9 and 8.9.1, which come with stricter certificate verification. The application has also switched to a new hosting provider that offers better security.