Follow

Hackers have successfully manipulated a default plugin within the Notepad++ package, potentially compromising the security of countless systems.

The plugin in question, “mimeTools.dll,” is a standard component of Notepad++ that provides encoding functionalities

asec.ahnlab.com/ko/63738/

ASEC has provided the following indicators of compromise (IoCs) for users to check their systems:

MD5 hashes of the compromised package files and individual components.
The URLs of the C2 server involved in the attack.

The security community is actively working to address this threat, and users of Notepad++ are strongly advised to verify their installations’ integrity and update their software from the official Notepad++ website.

Notepad++ users are strongly advised to verify their installations’ integrity and update their software from the official Notepad++ website.

@ecksmc I guess it pays to have a seldom used, rather old version installed on my machine. I just looked at the directory and there's no cert.

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.