Notepad++ hijacked by state-sponsored actors - Comments

ptman

Tangential, but: XML signing is a shitshow. I'm fairly confident that we haven't seen the end of vulnerabilities with XML signing. Signatures should not be embedded in the signed data and require normalization dances.

masklinn
Comment removed by author
BenjaminRi

This is absolutely bonkers. I guess the only defense I had against this (running Notepad++ on all my devices) is that I am too unimportant to be targeted.

But the post is extremely thin on details. What kind of exploit was being shipped to targeted users? How can I check if I'm affected?

mayas

I feel a bit relieved, at least, because it seems the issue was caused by a vulnerability with the hosting provider.

dzwdz

If anyone is curious, dnshistory.org seems to suggest the old hosting provider was Hostinger, up to as late as 2 weeks ago. They've now switched to Aqua Ray which seems less trustworthy, tbh.

This is not meant to be a dig at Hostinger in any way. I think their response was professional (the author seems satisfied with it too?). Getting hacked is a bad look, but we don't know how they got hacked, and since we seem to be dealing with state-sponsored hackers... could've happened to anyone, really.

adrien

Something I find interesting with the various attacks is that they're not new techniques at all. Quite often they could be considered fairly basic (TLS interception isn't news). However, we used to consider these threats as not very likely to happen in the open because they're not very stealthy.

Fast-forward today and we get news of them every few months or even weeks. Intercepting traffic of everybody using notepad++ to target a limited number of opponents in a specific region to exfiltrate data? No hesitation.

I guess the main change is the proliferation of state-sponsored groups that aren't directly part of these states and offer plausible deniability (or just silence).

BenjaminRi

In a world where international rules mean nothing, there is no need to pretend.

x64k

We used to consider these threats as not very likely to happen in the open because they're not very stealthy.

But the stealthiness of a technique isn't just an inherent trait of its technical means, it's also a measure of monitoring and review in the system it's used against. In its most basic form (I'm not saying this is what happened, it's just the canonical example of this distinction) any threat is 100% stealthy if no one's watching. TLS interception isn't inherently stealthy on its own. But if you only need it to work for a few weeks, and you know no one's going to look for it for a few weeks, you've got yourself an extremely stealthy attack.

Plus, as BenjaminRi pointed out, the stealthiness threshold isn't exactly fixed, either. Realistically, a state actor targeting the infrastructure of a commercial hosting services provider in a foreign country can afford to break a lot of glassware these days. What are the victims going to do?

freddyb

With these changes and reinforcements, I believe the situation has been fully resolved. Fingers crossed.

What?

Halkcyon

I feel like that's always been the vibe with these community-loved tools. Most of them don't pay much mind if any to infosec/opsec.

thisislife2

Wow. I'd love to know more how the targeted systems were actually compromised.

N_Lens

Probably backdooring end user machines by pushing updates with vulnerabilities for the purpose of spying, data exfiltration & control.

dgrin91

Agreed. Supply chain attacks are scary. I open all sorts of secrets in NPP - did they all get leaked?

hsbauauvhabzb

And who was targeted. The current messaging is very vague.

mapontosevenths

There is more detail linked below:

https://www.heise.de/en/news/Notepad-updater-installed-malwa...

https://doublepulsar.com/small-numbers-of-notepad-users-repo...

The TLDR is that until version 8.8.7 of Notepad++, the developer used a self-signed certificate, which was available in the GitHub source code. The author enabled this by not following best practices.

The "good news" is that the attacks were very targeted and seemed to involve hands-on-keyboard attacks against folks in Asia.

Blaming the hosting company is kind of shady, as the author should own at least some level of the blame for this.

simlevesque
icelancer

Yeah, Notepad++ is known for political messaging in their updates. Taiwan, Ukraine, etc.

orsorna

And this https://notepad-plus-plus.org/news/v781-free-uyghur-edition/

I distinctly remember their GH page being flooded with issues written in Chinese.

maxkfranz

Everyone is entitled to their opinions.

My opinion is that open source documentation is like polite dinner conversation: It’s not the proper place to discuss politics.

If an author wishes to use their open source project as a platform to discuss politics, that’s the author’s prerogative. But then, as perhaps in this instance, it could be to the detriment of the project itself.

shevy-java

Ah, so this has to do with mainland China going after those who think the Taiwanese do not belong to mainland China. Well, I see them as independent folks. Mainland China needs to stop thinking it can occupy land willy-nilly; unfortunately with USA, Russia and China thinking they can bully other countries that lack nukes, I think these smaller countries absolutely need nukes for defensive purpose.

It is also annoying that all these three countries think they can bully other countries too. That is basically them saying they can kill other people in other countries at all times no matter the real "reason" (just make up a fake reason, such as Russia with regard to Ukraine) - annoying to no end.

Having said that, and I just pointed out I disagree with mainland China bullying the Taiwanese, I think it would actually be better to have software itself be completely apolitical. I never understood why people felt a need to tie political goals into software. That is a valid statement even if I happen to agree with the political goals here.

jmole

I always worry about tools like this, maintained by small teams, that are so universal that even if only a small fraction of installs are somehow co-opted by malicious actors, you have a wide open attack surface on most tech companies.

e.g. iTerm, Cyberduck, editors of all shades, various VSCode extensions, etc.

josho

Similarly I worry about how these apps automatically update themselves. I know it can be done securely. I also doubt that these companies invest the engineering effort to do so.

hsbauauvhabzb

If you think large companies are somehow immune to this, you’re gonna have a bad time.

guessmyname

I don’t get it, why don’t you all—absolutely all of you reading—use Little Snitch? [1]

It really doesn't compute in my head why any macOS user would not use a network firewall like this, or similar, to block unwanted outgoing HTTP(S) requests. You can easily inspect the packet with tools like Wireshark or Burp Suite Professional (or Community) edition, or any other proxy tool, of which there are many in the macOS ecosystem.

And this is not unique to macOS, this is all possible in Windows, Linux and any other OS.

[1] https://www.obdev.at/products/littlesnitch/index.html

johnsillings

why does this read like it was written by a state-sponsored actor

opan

The thought crossed my mind as well. Lots of typos, plus "old version compromised, use new version ASAP" could also be said to get people on a newly compromised version, right? Though it's probably just that the post author is stressed and rushed the post out. I do wonder if there's a way to verify the post was written by the real dev and that he still has control. Old known GPG sig?

OsrsNeedsf2P

So the hosting provider was hacked? Who was their hosting provider?

This is also why update signatures should be validated against a different server; it would require hackers to control both servers to go undetected.

gruez

>This is also why update signatures should be validated against a different server; it would require hackers to control both servers to go undetected

No, it should be a hardcoded key held by the developer, preferably using an HSM, and maybe with some sort of notification capability in case the key was lost. Adding a second server adds marginal security. For instance if the developer's mail was hacked, an attacker would likely be able to reset passwords for both hosting providers.

dontdoxxme

Previous NS records were pointing at dns-parking.com, which is Hostinger. Although hard to be certain without more details whether a reseller or other supplier is involved.

technion

You can see this in their DNS history:

notepad-plus-plus.org currently has an A record of 95.128.42.184, owned by "Aqua Ray SAS".

It switched from 191.101.104.10 and 212.1.212.49 on 17/1, which are Hostinger IP addresses.

kwar13

Would've been good if it named the hosting provider. That's the most informative part.

Larrikin

Maybe the hosting provider is currently undergoing an audit or implementing the changes?

I expect to know it one day, but it may be too early to provide the name now.

nickorlow

Lawsuits are expensive and I'd think that naming and shaming would open npp up to one.

r1ch

Every shared hosting provider has this risk. Critical projects should be using dedicated or VPS hosting, preferably with encrypted filesystems too as even datacenter techs can fall victim to social engineering.

I'm pretty surprised that they got away with unsigned updates and shared hosting as long as they did. I wonder how many similar popular projects are out there on dodgy infrastructure.

nosrepa

How scintilla-ating!

egl2020

This all fascinating, but in the end: I have notepad++; what should I do?

Marsymars

You’d be protected from this particular exploit if you used a package manager rather than the updater, though of course you’d still be vulnerable to the installer binary itself getting compromised.

snvzz

KDE's own kate is a good alternative, and available for install via chocolatey.

jimbob45

Gedit is an underrated alternative imo.

prodigycorp

I'm extremely wary about any application pushing politics.

I subscribe to MacPaw, who makes excellent apps like Setapp, Gemini, and CleanMyMac, all of which I use.

At some point, CleanMyMac started putting the Ukrainian flag on the app icon and flagging utilities by any Russian developer as untrustworthy (because they are Russian), and recommended that I uninstall them.

I am not pro-Russia/anti-Ukraine independence by any means, but CleanMyMac is one of those apps that require elevated system permissions. Seeing them engage in software McCarthyism makes me very, very hesitant to provide them.

_alternator_

Sorry, what does this have to do with notepad++?

Barrin92

If you're going to give in and avoid applications because, like in this case, they take a strong stance on Ukraine or Taiwan, the hack has literally achieved its purpose. Either silence the author directly or destroy its userbase.

Fuck 'em and just donate ten bucks to notepad++. I'd rather my PC breaks than reward this crap.

throwaway3060

I hate to say this, but wariness of software developed within Russia has been around for ages, long before the current war.

Since there are a lot of both Ukrainian and Russian software developers, this is personal for a lot of people in the industry.

wiseowise

> anti-Ukraine independence

What the fuck is that supposed to mean, lol. Ukraine isn't some secessionist state.

> Seeing them engage in software McCarthyism makes me very, very hesitant to provide them.

So are they wrong when flagging software or not? You haven’t provided any details.

getcrunk

So they say at the provider level update traffic was redirected. Does this also mean their update endpoints didn't do encryption?

getcrunk

Yea, should have finished reading. Remediation was to "verify both the certificate and the signature of the downloaded installer."

I mean for such a dev focused and extremely performant app, that’s disappointing.

Glad I’m off windows as of late

gruez

It's also possible the update manifest contained a URL that the updater blindly trusted, and by modifying that file you could change what got downloaded.
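Two points in this thread (gruez's suggestion that the verification key be pinned in the client rather than checked against a second server, and the possibility that the updater blindly trusted a download URL from an unsigned manifest) fit together in one design: sign a manifest that carries both the URL and the installer digest, and verify it with a key compiled into the updater before anything from the network is used. The Go program below is an added illustration of that design, not code from the thread or from the Notepad++/WinGup project. The manifest format, the domain names and the key handling are assumptions: a throwaway Ed25519 keypair generated at runtime stands in for the developer's HSM-held signing key.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest is a hypothetical update descriptor (not WinGup's real format).
// Because the signature covers the URL *and* the installer digest, a server
// that rewrites either field is detected before anything is downloaded.
type Manifest struct {
	Version string `json:"version"`
	URL     string `json:"url"`
	SHA256  string `json:"sha256"`
}

// SignedManifest carries the exact signed bytes plus a detached signature.
// Keeping the signature outside the signed bytes avoids any canonicalization step.
type SignedManifest struct {
	Manifest  []byte
	Signature []byte
}

// HexSHA256 returns the lowercase hex SHA-256 digest of b.
func HexSHA256(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// SignManifest is the developer-side step. In production the private key would
// live in an HSM and only this signing operation would touch it.
func SignManifest(priv ed25519.PrivateKey, m Manifest) (SignedManifest, error) {
	raw, err := json.Marshal(m)
	if err != nil {
		return SignedManifest{}, err
	}
	return SignedManifest{Manifest: raw, Signature: ed25519.Sign(priv, raw)}, nil
}

// VerifyManifest is the client-side step. pinned is the public key compiled into
// the updater; nothing received from the network is parsed until it verifies.
func VerifyManifest(pinned ed25519.PublicKey, sm SignedManifest) (*Manifest, error) {
	// ed25519.Verify panics on a wrong-length key, so check the length first.
	if len(pinned) != ed25519.PublicKeySize || !ed25519.Verify(pinned, sm.Manifest, sm.Signature) {
		return nil, errors.New("manifest signature invalid: refusing to update")
	}
	var m Manifest
	if err := json.Unmarshal(sm.Manifest, &m); err != nil {
		return nil, fmt.Errorf("manifest parse: %w", err)
	}
	return &m, nil
}

// VerifyInstaller compares the downloaded bytes with the digest from the verified manifest.
func VerifyInstaller(m *Manifest, installer []byte) error {
	got := HexSHA256(installer)
	if got != m.SHA256 {
		return fmt.Errorf("installer digest mismatch: got %s, manifest says %s", got, m.SHA256)
	}
	return nil
}

func main() {
	// Constructed demo: a throwaway keypair stands in for the developer's HSM-held key.
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	installer := []byte("constructed installer bytes")
	m := Manifest{Version: "8.8.7", URL: "https://downloads.example.invalid/npp.exe", SHA256: HexSHA256(installer)}
	sm, _ := SignManifest(priv, m)

	// 1. Honest server: manifest verifies and the served installer matches.
	got, err := VerifyManifest(pub, sm)
	fmt.Println("honest manifest:", err, "| installer:", VerifyInstaller(got, installer))

	// 2. Compromised server rewrites the download URL: the signature no longer verifies.
	tampered := sm
	tampered.Manifest = bytes.Replace(sm.Manifest, []byte("downloads.example.invalid"), []byte("attacker.example.invalid"), 1)
	_, err = VerifyManifest(pub, tampered)
	fmt.Println("rewritten URL:", err)

	// 3. Manifest intact but the served installer was swapped: the digest no longer matches.
	fmt.Println("swapped installer:", VerifyInstaller(got, []byte("swapped payload")))
}
```

The ordering matters: the updater verifies the manifest before it follows the URL, and verifies the installer digest before it executes anything, so a compromised download server can only cause a refused update, never a different binary.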

tech234a

Notably Notepad++ was recently shipping unsigned/self-signed updates, apparently overlapping with the time of this incident, see releases 8.8.2-8.8.6: https://notepad-plus-plus.org/news/

bakugo

So they just conveniently decided not to sign their releases right around the time they were supposedly "hacked"?

Something doesn't seem right here.

bakugo

So uhh... what exactly did the "state-sponsored actors" do?

They go on about how their server was compromised, and how the big bad Chinese were definitely behind it, and then claim the "situation has been fully resolved", but there is zero mention of any investigation into what was actually done by the attackers. Why? If I downloaded an installer during the time they were hacked, do I have malware now?

The utter lack of any such information feels bizarre.

mikeweiss

Exactly... Were they exfiltrating files open in notepad++, or was notepad++ installing additional malware for system-wide access? What was the end goal?

NedF

[dead]

starkeeper

What was the impact of being compromised? Were they able to inject code into releases of Notepad++?

davorak

They were able to replace the downloaded executable with their own version. From the article:

> 2. Even though the bad actors have lost access to the server from the 2nd of September, 2025, they maintained the credentials of our internal services existing on that server until the 2nd of December, which could have allowed the malicious actors to redirect some of the traffic going to https://notepad-plus-plus.org/getDownloadUrl.php to their own servers and return the updates download URL with compromised updates.

mimasama

> Even after losing server access, attackers maintained credentials to internal services until December 2, 2025, which allowed them to continue redirecting Notepad++ update traffic to malicious servers. The attackers specifically targeted Notepad++ domain with the goal of exploiting insufficient update verification controls that existed in older versions of Notepad++.

daemonhunter

So what mitigations should the end user be doing? How do we know if anything compromised?

avereveard

Right, the writeup doesn't mention when it started and what versions are affected.

kijin

Download the latest version and install that, instead of using the auto update feature of an old version that might not properly check signatures.

As for whether anything else has been compromised, it depends on whether you were targeted. And the payload might have been tailored to each target, so there's no way to know unless you have access to the exact binary. Unfortunately, binaries downloaded through the auto update feature tend not to linger in your Downloads folder.

username223

Disable auto-updates, just like you should with every piece of software on your machine. This was the result of letting other people silently replace your programs. Don't allow that.

gradus_ad

The CCP must be destroyed.

tragiclos

> Traffic from certain targeted users was selectively redirected to attacker-controlled served malicious update manifests.

I'd be curious to know if there was any pattern as to which users were targeted, but the post doesn't go into any further detail except to say it was likely a Chinese state-sponsored group.

x_may

It might have been explicitly targeted, but they did say that there were older versions of Notepad++ with "insufficient update verification controls", so it might have just been that there was only one subset of users actually susceptible to this.

buggymaaan

I don't know who hacked the servers, nor do I know how to find out. Let's blame state actors; who's going to come verify these claims?

cookiengineer

This was the exact same technique that was used in 2021 by Audacity's update mechanism, which also redirected traffic to servers hosted in other Aeza Group ASNs and planted a dropper for later campaigns.

When I forked Audacity, within less than 48h my life turned to absolute shit. Defamation campaigns, people trying to kill me, people killing my friends, people stalking me with Austrian and Swiss license plates etc. When I investigated it further, it turns out I stumbled upon the FSB/SVR branch of the former Mirai botnet, who used Audacity to spread into larger networks.

If the Notepad++ devs see this, please check your opsec and the opsec of your loved ones.

Stay safe, and don't underestimate the Chinese Ministry of Security! They're operating in the EU, too.

PS: If you need help with this, contact me.

Jordan-117

Have you written about this experience elsewhere? That sounds absolutely nuts.

idiotsecant

Someone tried to kill you?! People actually killed your friends? Not sure if schizophrenia or actual story ... I desperately need to hear more of this story.

ledoge

> This was the exact same technique that was used in 2021 by Audacity's update mechanism, which also redirected traffic to servers hosted in other Aeza Group ASNs and planted a dropper for later campaigns.

I can't find anything about this, can you link a source?

manapause

Not notepad++! (Opens WhatsApp) OpenClawd express my discontent across all my channels and draft an email to send to IT tomorrow morning. Also turn the lights off and go to bed. (Somewhere in china, all the lights go out)

thomasjudge

Will malware/virus scanners detect any bad software?

burnt-resistor

The whole approach of virus scanning is reactive and incomplete. This is because, except for some uncertain guesswork using "heuristics", it depends upon vendor analysis of submitted malware infection samples after it's already happened to determine specific malware file/process signatures. This doesn't and cannot catch all possible malware that has ever happened, especially if it's new, not widespread, or evaded analysis from ever being noticed. Thus, a fraction of malware will always slip through and will always remain undetectable.

After a machine is compromised by malware, there's rarely-to-never a trustworthy way to ever fix it with 100% certainty. And especially worrisome is "repair" from the host itself, which may be infected with a rootkit that hides and repairs the malware. Thus, the only correct solution is to completely reimage/reinstall from trusted sources. Deviate from this path at one's own extreme cost/risk.

There also exist a tiny amount of even worse, specialized malware, usually deployed by state actors, that infect hardware in such a way that makes them difficult and sometimes uneconomical to repair.

PSA: Never run untrustworthy shit on any machine that matters. This also includes FOSS projects that don't have their shit together.

conception

Most EDR has a "this program is doing something bad" detector. But the number of folks running security on their build process is still not ubiquitous.

nickorlow

I wonder who the targets were/what the malicious binaries did. Assuming some gov related shop + sent the contents of files on the host to attackers.

dehrmann

Another popular project I can think of to look out for is PuTTY. I'm fond of the 2006 vibe, but GitHub probably has stronger security protections.

ivankabiden

Job well done!

wglass

Can someone help clarify this for me?

Is it correct to say that users would only get the compromised version if they downloaded from the website?

Notepad++ has auto-update feature, is there any indication that updates from the AutoUpdate were compromised?

jszymborski

No, it's specifically the updates that were targeted. I'm unsure about the downloads but those too are presumably at risk.

> The attackers specifically targeted Notepad++ domain with the goal of exploiting insufficient update verification controls that existed in older versions of Notepad++.

Lammy

Vindicated once again for turning off any update checks the moment I install any new piece of software.

Even if this sort of (obviously rare) attack is not a concern, it baffles me how few otherwise-intelligent people fail to see the way these updaters provide the network (which itself is always listening, see Room 641A and friends) with a fingerprint of your specific computer and a way to track its physical location based on the set of software you have installed, all of which want to check for updates every goddamn day.

arcfour

If the people with access to Room 641A want you, you're toast unless you're ready to make some REALLY big digital lifestyle changes that most people would not be amenable to, because you would have to be extremely paranoid on multiple fronts all the time. That kind of heightened vigilance is exhausting and really not worth it.

Threat modeling: it keeps things realistic.

derf_

It is baffling to me, as well. You know how you get a remote-code-execution vulnerability? You give a bunch of software permission to fetch code remotely and execute it.

sodality2

How do you deal with the opposite, software that you forget to update but contains vulnerabilities discovered/exploited later?

edb_123

So, let me get this straight. If I've been lazy, postponed updates and I'm still on 8.5.8 (Oct 2023) - it turns out I'm actually...safer?

Anyway, I hope the author can be a bit more specific about what actually has happened to those unlucky enough to have received these malicious updates. And perhaps a tool to e.g. do a checksum of all Notepad++ files, and compare them to the ones of a verified clean install of the user's installed version, would be a start? Though I would assume these malicious updates would be clever enough to rather have dropped and executed additional files, rather than doing something with the Notepad++ binaries themselves.

And I agree with another comment here. With all those spelling mistakes that notification kind of reads like it could have been written by a state-sponsored actor. Not to be (too) paranoid here, but can we be sure that this is the actual author, and that the new version isn't the malicious one?

hinkley

This reminds me of college, when some of my professors were still sorting out their curriculum and would give us homework assignments with bugs in it.

I complained many times that they were enabling my innate procrastination by proving over and over again that starting the homework early meant you would get screwed. Every time I'd wait until the people in the forum started sounding optimistic before even looking at the problem statement.

I still think I'd like to have a web of trust system where I let my friends try out software updates first before I do, and my relatives let me try them out before they do.

user3939382

If there’s anything I’ve learned from IBM, Red Hat, and CentOS, it’s that bleeding edge is actually what I’m supposed to want.

FpUser

8.4.7 here. phew

FatalLogic

>I'm still on 8.5.8 (Oct 2023) - it turns out I'm actually...safer?

Notepad++ site says The incident began from June 2025.

On their downloads page, 8.8.2 was the first update in June 2025 (the previous update 8.8.1 was released 2025-05-05)

So, if your installed version is 8.8.1 or lower, then you should be safe. Assuming that they're right about when the incident began.

edit: Notepad++ has published, on GitHub, SHA256 hashes of all the binaries for all download versions, which should let users check if they were targeted, if they still have the downloaded file. 8.8.1 is here, for example - https://github.com/notepad-plus-plus/notepad-plus-plus/relea...

otherme123

> And perhaps a tool to e.g. do a checksum of all Notepad++ files, and compare them to the ones of a verified clean install of the user's installed version, would be a start?

Did I understand the attack wrongly? The software could have a 100% correct checksum, because the attack happened in a remote machine that deals with call home events from Notepad++, I guess one of those "Telemetry" add-ons. The attackers did a MITM to Notepad++ traffic.

dabinat

> With these changes and reinforcements, I believe the situation has been fully resolved. Fingers crossed.

I get that this is a difficult situation for a small developer, but ending with this line did not fill me with confidence that the problem is actually resolved and make me trust their software on my system.

the_fall

That's the most honest assessment you can expect from any small-scale developer. What do you expect them to say or do? Their adversary is presumably a national intelligence agency of a superpower.

baobabKoodaa

Would you feel better if they had ended the blog post with corporate style assurances that Notepad++ is 100% secure?

shellcromancer

> Additionally, the XML returned by the update server is now singed (XMLDSig)

The latest and greatest cryptography powering everyone’s favorite SAML-based single-sign on.

Helmut10001

It looks like using Chocolatey [1] saved me from this attack vector because maintainers hardcode SHA256 checksums (and choco doesn't use WinGuP at all).

[1]: https://chocolatey.org/

locusofself

I don't think "we" would have been impacted since this specifically targets the updates, but recently Microsoft pulled Notepad++ from the list of apps we can use on our production management laptops. Some people were annoyed and whining about this. That predated this announcement by a few weeks. Probably the right move by the security folks.

zeroq

I've been thinking a lot lately about open source.

It seems to be a lot like communism - sounds great on paper but we are yet to see a proper implementation.

Between Git, Linux and SQLite there are a few projects that have been led by weirdos that have time, resources and conviction to drive these through time.

Unless you create some sort of an auxiliary business and get an acquihire deal, most things will fizzle out.

Years ago when I started working for BigCo I was amazed by their denial of FOSS. At one point in the project I pointed out a problem, which was heard and recognized, to which I followed up with a solution using an open source package. I thought I was clever - we needed an extra package in our system, but I was able to find a suitable open source solution that would not add to the overall cost of the project. My proposal was immediately pushed back.

Initially I thought it was due to a responsibility issue - if we'd employ a FOSS solution we'd be responsible for the outcome. Having a 3rd party vendor, the management would have the opportunity to shield themselves.

But that doesn't have to be the case. The FOSS project could easily fizzle out. And if we don't have enough resources to incorporate it and make it our own, we can potentially risk being left out to dry.

autoexec

> Unless you create some sort of an auxiliary business and get an acquihire deal, most things will fizzle out.

This is acceptable. Why shouldn't most things started by people not willing to put in the work to keep them going fizzle out? The important thing is that anyone who actually cares to can jump in and pick up right where the open source software fizzled out and get it going again. Anyone can learn from the code and use it for anything they want, even things that have nothing to do with the goals of the original project.

It's not as if there aren't countless examples of corporate vendors dying off and leaving their customers on the hook with nothing, or just changing the product drastically after the sale. At least in the open source case you have the option to fork the project and continue using it as you always have.

colonCapitalDee

Oh interesting, we had an internal mandate not to use Notepad++ come down from on high that was never explained. The timing matches up

dyauspitr

What’s a good alternative?

hathym

99.999% sure Israel has a hand in this.

sharyphil

I love Notepad++ but for some reason it always had some kind of political BS going on and I don't appreciate that.

paul_h

For a while, I've been thinking that open source package portals will at some point take over the making of binaries that get released. Dev teams will run their own CI with whatever automated test pipelines they think are appropriate. In a tests-pass situation they will pass the git hash to the portal system for release, which just runs the compile and makes the binary. Well, not all CI runs would result in a release, of course. Then the package portal's own software kicks in to calculate an independent since-last-release report that's attached alongside the maintainer release notes.

All such portals upgrade their hash/sig noting of binaries, and keep those in a history-retaining merkle tree of sorts. If nothing else, a git repo. Something like this https://github.com/hboutemy/mcmm-yaml/blob/master/aws/sdk/ko... but with SHA256s, and maybe not the entire world on one repo.

shevy-java

That's sad. China should be more helpful with regards to open source.

Notepad++ is a great editor. I don't use it on Linux, because I have an older editor I am very used to, but on Windows I like notepad++ a lot (though lately I have been using geany on Windows, mostly for convenience - I think notepad++ is better but I sort of like the github-based development of geany; either way notepad++ is really excellent as well).

Ayesh

If you update via Winget, you are probably safe.

Winget downloads the installer from GitHub: https://github.com/microsoft/winget-pkgs/blob/master/manifes...

ptman

Tangential, but: XML signing is a shitshow. I'm fairly confident that we haven't seen the end of vulnerabilities with XML signing. Signatures should not be embedded in the signed data and require normalization dances.

masklinn
Comment removed by author
BenjaminRi

This is absolutely bonkers. I guess the only defense I had against this (running Notepad++ on all my devices) is that I am too unimportant to be targeted.

But the post is extremely thin on details. What kind of exploit was being shipped to targeted users? How can I check if I'm affected?

mayas

I feel a bit relieved, at least, because it seems the issue was caused by a vulnerability with the hosting provider.

dzwdz

If anyone is curious, dnshistory.org seems to suggest the old hosting provider was Hostinger, up to as late as 2 weeks ago. They've now switched to Aqua Ray which seems less trustworthy, tbh.

This is not meant to be a dig at Hostinger in any way. I think their response was professional (the author seems satisfied with it too?). Getting hacked is a bad look, but we don't know how they got hacked, and since we seem to be dealing with state-sponsored hackers... could've happened to anyone, really.

adrien

Something I find interesting with the various attacks is that they're now new techniques at all. Quite often they could be considered fairly basic (TLS interception isn't news). However, we used to consider these threats are not very likely to happen in the open because they're not very stealth.

Fast-forward today and we get news of them every few months or even weeks. Intercepting traffic of everybody using notepad++ to target a limited number of opponents in a specific region to exfiltrate data? No hesitation.

I guess the main change is the proliferation of state-sponsored groups that aren't directly part of these states and offer plausible deniability (or just silence).

BenjaminRi

In a world where international rules mean nothing, there is no need to pretend.

x64k

We used to consider these threats are not very likely to happen in the open because they're not very stealth.

But the stealthiness of a technique isn't just an inherent trait of its technical means, it's also a measure of monitoring and review in the system it's used against. In its most basic form (I'm not saying this is what happened, it's just the canonical example of this distinction) any threat is 100% stealthy if no one's watching. TLS interception isn't inherently stealthy on its own. But if you only need it to work for a few weeks, and you know no one's going to look for it for a few weeks, you've got yourself an extremely stealthy attack.

Plus, as BenjaminRi pointed out, the stealthiness threshold isn't exactly fixed, either. Realistically, a state actor targeting the infrastructure of a commercial hosting services provider in a foreign country can afford to break a lot of glassware these days. What are the victims going to do?

freddyb

> With these changes and reinforcements, I believe the situation has been fully resolved. Fingers crossed.

What?

Halkcyon

I feel like that's always been the vibe with these community-loved tools. Most of them don't pay much mind if any to infosec/opsec.

thisislife2

Wow. I'd love to know more about how the targeted systems were actually compromised.

N_Lens

Probably backdooring end user machines by pushing updates with vulnerabilities for the purpose of spying, data exfiltration & control.

dgrin91

Agreed. Supply chain attacks are scary. I open all sorts of secrets in NPP - did they all get leaked?

hsbauauvhabzb

And who was targeted. The current messaging is very vague.

mapontosevenths

There is more detail linked below:

https://www.heise.de/en/news/Notepad-updater-installed-malwa...

https://doublepulsar.com/small-numbers-of-notepad-users-repo...

The TL;DR is that until version 8.8.7 of Notepad++, the developer used a self-signed certificate, which was available in the Github source code. The author enabled this by not following best practices.

The "good news" is that the attacks were very targeted and seemed to involve hands-on-keyboard attacks against folks in Asia.

Blaming the hosting company is kind of shady, as the author should own at least some level of the blame for this.

simlevesque
icelancer

Yeah, Notepad++ is known for political messaging in their updates. Taiwan, Ukraine, etc.

orsorna

And this https://notepad-plus-plus.org/news/v781-free-uyghur-edition/

I distinctly remember their GH page being flooded with issues written in Chinese.

maxkfranz

Everyone is entitled to their opinions.

My opinion is that open source documentation is like polite dinner conversation: It’s not the proper place to discuss politics.

If an author wishes to use their open source project as a platform to discuss politics, that’s the author’s prerogative. But then, as perhaps in this instance, it could be to the detriment of the project itself.

shevy-java

Ah, so this has to do with mainland China going after those who think the Taiwanese do not belong to mainland China. Well, I see them as independent folks. Mainland China needs to stop thinking it can occupy land willy-nilly; unfortunately with USA, Russia and China thinking they can bully other countries that lack nukes, I think these smaller countries absolutely need nukes for defensive purpose.

It is also annoying that all these three countries think they can bully other countries too. That is basically them saying they can kill other people in other countries at all times no matter the real "reason" (just make up a fake reason, such as Russia with regard to Ukraine) - annoying to no end.

Having said that, and I just pointed out I disagree with mainland China bullying the Taiwanese, I think it would actually be better to have software itself be completely apolitical. I never understood why people felt a need to tie political goals into software. That is a valid statement even if I happen to agree with the political goals here.

jmole

I always worry about tools like this, maintained by small teams, that are so universal that even if only a small fraction of installs are somehow co-opted by malicious actors, you have a wide open attack surface on most tech companies.

e.g. iTerm, Cyberduck, editors of all shades, various VSCode extensions, etc.

josho

Similarly I worry about how these apps automatically update themselves. I know it can be done securely. I also doubt that these companies invest the engineering effort to do so.

hsbauauvhabzb

If you think large companies are somehow immune to this, you’re gonna have a bad time.

guessmyname

I don’t get it, why don’t you all—absolutely all of you reading—use Little Snitch? [1]

It really doesn’t compute in my head why would any macOS user not use a network firewall like this, or similar, to block unwanted outgoing HTTP(s) requests. You can easily inspect the packet with tools like Wireshark or Burp Suite Professional (or Community) edition, or any other proxy tool, of which there are many in the macOS ecosystem.

And this is not unique to macOS, this is all possible in Windows, Linux and any other OS.

[1] https://www.obdev.at/products/littlesnitch/index.html

johnsillings

Why does this read like it was written by a state-sponsored actor?

opan

The thought crossed my mind as well. Lots of typos, plus "old version compromised, use new version ASAP" could also be said to get people on a newly compromised version, right? Though it's probably just that the post author is stressed and rushed the post out. I do wonder if there's a way to verify the post was written by the real dev and that he still has control. Old known GPG sig?

OsrsNeedsf2P

So the hosting provider was hacked? Who was their hosting provider?

This is also why update signatures should be validated against a different server; it would require hackers to control both servers to go undetected.

gruez

> This is also why update signatures should be validated against a different server; it would require hackers to control both servers to go undetected

No, it should be a hardcoded key held by the developer, preferably using an HSM, and maybe with some sort of notification capability in case the key was lost. Adding a second server adds marginal security. For instance if the developer's mail was hacked, an attacker would likely be able to reset passwords for both hosting providers.

dontdoxxme

Previous NS records were pointing at dns-parking.com, which is Hostinger. Although hard to be certain without more details whether a reseller or other supplier is involved.

technion

You can see this in their DNS history:

notepad-plus-plus.org currently has an A record of 95.128.42.184, owned by "Aqua Ray SAS".

It switched up from 191.101.104.10 and 212.1.212.49 on 17/1, which are Hostinger IP addresses.

kwar13

Would've been good if it named the hosting provider. That's the most informative part.

Larrikin

Maybe the hosting provider is currently undergoing an audit or implementing the changes?

I expect to know it one day, but it may be too early to provide the name now.

nickorlow

Lawsuits are expensive and I'd think that naming and shaming would open npp up to one.

r1ch

Every shared hosting provider has this risk. Critical projects should be using dedicated or VPS hosting, preferably with encrypted filesystems too as even datacenter techs can fall victim to social engineering.

I'm pretty surprised that they got away with unsigned updates and shared hosting as long as they did. I wonder how many similar popular projects are out there on dodgy infrastructure.

nosrepa

How scintilla-ating!

egl2020

This is all fascinating, but in the end: I have Notepad++; what should I do?

Marsymars

You’d be protected from this particular exploit if you used a package manager rather than the updater, though of course you’d still be vulnerable to the installer binary itself getting compromised.

snvzz

KDE's own kate is a good alternative, and available for install via chocolatey.

jimbob45

Gedit is an underrated alternative imo.

prodigycorp

I'm extremely wary about any application pushing politics.

I subscribe to MacPaw, who makes excellent apps like Setapp, Gemini, and CleanMyMac, all of which I use.

At some point, CleanMyMac started putting the Ukrainian flag on the app icon and flagging utilities by any Russian developer as untrustworthy (because they are Russian), and recommended that I uninstall them.

I am not pro-Russia/anti-Ukraine independence by any means, but CleanMyMac is one of those apps that require elevated system permissions. Seeing them engage in software McCarthyism makes me very, very hesitant to provide them.

_alternator_

Sorry, what does this have to do with notepad++?

Barrin92

If you're going to give in and avoid applications because, like in this case, they take a strong stance on Ukraine or Taiwan, the hack has literally achieved its purpose. Either silence the author directly or destroy their userbase.

Fuck 'em and just donate ten bucks to Notepad++. I'd rather my PC break than reward this crap.

throwaway3060

I hate to say this, but wariness of software developed within Russia has been around for ages, long before the current war.

Since there are a lot of both Ukrainian and Russian software developers, this is personal for a lot of people in the industry.

wiseowise

> anti-ukraine independence

What the fuck is that supposed to mean, lol. Ukraine isn't some secessionist state.

> Seeing them engage in software maccarythism makes me very, very hesitant to provide them.

So are they wrong when flagging software or not? You haven’t provided any details.

getcrunk

So they say at the provider level update traffic was redirected. Does this also mean their update endpoints didn't do encryption?

getcrunk

Yeah, should have finished reading. Remediation was to "verify both the certificate and the signature of the downloaded installer."

I mean, for such a dev-focused and extremely performant app, that's disappointing.

Glad I'm off Windows as of late.

gruez

It's also possible the update manifest contained a URL that the updater blindly trusted, and by modifying that file you could change what got downloaded.
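The two points gruez makes above (a key pinned in the client rather than trust in a second server, and a manifest whose download URL must not be blindly trusted) can be shown in a short update-client model. This is an added example, not WinGUp or Notepad++ code: the manifest element names, the allowlisted host `updates.example.org`, and the installer bytes are all constructed for the example, and the developer key is generated at run time where a real client would compile the public key in. It signs the raw manifest bytes with a detached ed25519 signature rather than XMLDSig, which sidesteps XML canonicalization entirely; the project's actual fix is described in the thread and is not what this code implements.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/xml"
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// Manifest is a hypothetical update manifest. The element names are assumptions
// for this example, not WinGUp's real format.
type Manifest struct {
	XMLName  xml.Name `xml:"GUP"`
	Version  string   `xml:"Version"`
	Location string   `xml:"Location"`
	SHA256   string   `xml:"SHA256"`
}

// allowedHosts is the pinned set of hosts an installer may be fetched from
// (assumed host name; a real client would list its actual release hosts).
var allowedHosts = map[string]bool{"updates.example.org": true}

// VerifyManifest checks a detached ed25519 signature over the raw manifest bytes
// against a key pinned in the client before the XML is parsed at all, so a
// server-side attacker cannot even get malformed XML into the parser.
func VerifyManifest(pub ed25519.PublicKey, raw, sig []byte) (*Manifest, error) {
	if len(sig) != ed25519.SignatureSize || !ed25519.Verify(pub, raw, sig) {
		return nil, errors.New("manifest signature invalid")
	}
	var m Manifest
	if err := xml.Unmarshal(raw, &m); err != nil {
		return nil, fmt.Errorf("manifest parse: %w", err)
	}
	return &m, nil
}

// CheckDownloadURL refuses anything that is not plain https to an allowlisted
// host, so the Location field cannot steer the client to an attacker's server.
func CheckDownloadURL(loc string) error {
	u, err := url.Parse(loc)
	if err != nil {
		return err
	}
	if u.Scheme != "https" || u.User != nil {
		return fmt.Errorf("refusing download URL %q: must be plain https", loc)
	}
	if !allowedHosts[strings.ToLower(u.Hostname())] {
		return fmt.Errorf("download host %q not in allowlist", u.Hostname())
	}
	return nil
}

// CheckInstaller compares the SHA-256 of the fetched bytes with the digest the
// signed manifest committed to. Only after this passes may the installer run.
func CheckInstaller(installer []byte, wantHex string) error {
	sum := sha256.Sum256(installer)
	if got := hex.EncodeToString(sum[:]); !strings.EqualFold(got, wantHex) {
		return fmt.Errorf("installer hash mismatch: got %s want %s", got, wantHex)
	}
	return nil
}

// Result records which checks fired in the constructed scenario below.
type Result struct {
	GenuineAccepted  bool // untampered manifest + matching installer passes
	TamperedRejected bool // manifest edited in transit fails the signature check
	RedirectRejected bool // Location pointing off-host is refused
	SwappedRejected  bool // installer bytes replaced after download fail the hash check
}

// RunScenario simulates the update flow with constructed data: a key generated
// here stands in for the pinned developer key, and the "installer" is a byte string.
func RunScenario() (Result, error) {
	var r Result
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return r, err
	}
	installer := []byte("constructed installer bytes, not a real binary")
	sum := sha256.Sum256(installer)
	manifest := []byte(fmt.Sprintf(
		`<GUP><Version>1.0.1</Version><Location>%s</Location><SHA256>%s</SHA256></GUP>`,
		"https://updates.example.org/installer.exe", hex.EncodeToString(sum[:])))
	sig := ed25519.Sign(priv, manifest)

	// 1. Genuine path: signature verifies, host allowed, installer digest matches.
	if m, err := VerifyManifest(pub, manifest, sig); err == nil &&
		CheckDownloadURL(m.Location) == nil && CheckInstaller(installer, m.SHA256) == nil {
		r.GenuineAccepted = true
	}
	// 2. In-transit edit of the Location field: the signature no longer verifies.
	tampered := []byte(strings.Replace(string(manifest), "updates.example.org", "attacker.example.net", 1))
	if _, err := VerifyManifest(pub, tampered, sig); err != nil {
		r.TamperedRejected = true
	}
	// 3. Host allowlist: an off-host Location is refused regardless of signature.
	if err := CheckDownloadURL("https://attacker.example.net/installer.exe"); err != nil {
		r.RedirectRejected = true
	}
	// 4. Right host, wrong bytes: digest mismatch stops execution.
	if err := CheckInstaller([]byte("different bytes"), hex.EncodeToString(sum[:])); err != nil {
		r.SwappedRejected = true
	}
	return r, nil
}

func main() {
	r, err := RunScenario()
	fmt.Printf("%+v err=%v\n", r, err)
}
```

The order matters: the signature is checked before the XML parser sees the bytes, the host is checked before any network fetch, and the digest is checked before the installer is executed. A real client would additionally refuse to follow HTTP redirects (`http.Client.CheckRedirect`) so that an allowlisted host cannot be bounced elsewhere, and would reject manifests whose version is lower than the running one to block rollback to a known-vulnerable release.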

tech234a

Notably Notepad++ was recently shipping unsigned/self-signed updates, apparently overlapping with the time of this incident, see releases 8.8.2-8.8.6: https://notepad-plus-plus.org/news/

bakugo

So they just conveniently decided not to sign their releases right around the time they were supposedly "hacked"?

Something doesn't seem right here.

bakugo

So uhh... what exactly did the "state-sponsored actors" do?

They go on about how their server was compromised, and how the big bad Chinese were definitely behind it, and then claim the "situation has been fully resolved", but there is zero mention of any investigation into what was actually done by the attackers. Why? If I downloaded an installer during the time they were hacked, do I have malware now?

The utter lack of any such information feels bizarre.

mikeweiss

Exactly... Were they exfiltrating files open in Notepad++, or was Notepad++ installing additional malware for system-wide access? What was the end goal?

NedF

[dead]

starkeeper

What was the impact of being compromised? Were they able to inject code into releases of Notepad++?

davorak

They were able to replace the downloaded executable with their own version. From the article:

> 2. Even though the bad actors have lost access to the server from the 2nd of September, 2025, they maintained the credentials of our internal services existing on that server until the 2nd of December, which could have allowed the malicious actors to redirect some of the traffic going to https://notepad-plus-plus.org/getDownloadUrl.php to their own servers and return the updates download URL with compromised updates.

mimasama

> Even after losing server access, attackers maintained credentials to internal services until December 2, 2025, which allowed them to continue redirecting Notepad++ update traffic to malicious servers. The attackers specifically targeted Notepad++ domain with the goal of exploiting insufficient update verification controls that existed in older versions of Notepad++.

daemonhunter

So what mitigations should the end user be doing? How do we know if anything is compromised?

avereveard

Right, the writeup doesn't mention when it started and what versions are affected.

kijin

Download the latest version and install that, instead of using the auto update feature of an old version that might not properly check signatures.

As for whether anything else has been compromised, it depends on whether you were targeted. And the payload might have been tailored to each target, so there's no way to know unless you have access to the exact binary. Unfortunately, binaries downloaded through the auto update feature tend not to linger in your Downloads folder.

username223

Disable auto-updates, just like you should with every piece of software on your machine. This was the result of letting other people silently replace your programs. Don't allow that.

gradus_ad

The CCP must be destroyed.

tragiclos

> Traffic from certain targeted users was selectively redirected to attacker-controlled served malicious update manifests.

I'd be curious to know if there was any pattern as to which users were targeted, but the post doesn't go into any further detail except to say it was likely a Chinese state-sponsored group.

x_may

It might have been explicitly targeted, but they did say that there were older versions of Notepad++ with "insufficient update verification controls" so it might have just been that there was only one subset of users actually susceptible to this.

buggymaaan

I don't know who hacked the servers, nor do I know how to find out. Let's blame state actors; who's going to come verify these claims?

cookiengineer

This was the exact same technique that was used in 2021 by Audacity's update mechanism, which also redirected traffic to servers hosted in other Aeza Group ASNs and planted a dropper for later campaigns.

When I forked Audacity, within less than 48h my life turned to absolute shit. Defamation campaigns, people trying to kill me, people killing my friends, people stalking me with Austrian and Swiss license plates etc. When I investigated it further, it turns out I stumbled upon the FSB/SVR branch of the former Mirai botnet, who used Audacity to spread into larger networks.

If the Notepad++ devs see this, please check your opsec and the opsec of your loved ones.

Stay safe, and don't underestimate the Chinese Ministry of Security! They're operating in the EU, too.

PS: If you need help with this, contact me.

Jordan-117

Have you written about this experience elsewhere? That sounds absolutely nuts.

idiotsecant

Someone tried to kill you?! People actually killed your friends? Not sure if schizophrenia or actual story ... I desperately need to hear more of this story.

ledoge

> This was the exact same technique that was used in 2021 by Audacity's update mechanism, which also redirected traffic to servers hosted in other Aeza Group ASNs and planted a dropper for later campaigns.

I can't find anything about this, can you link a source?

manapause

Not notepad++! (Opens WhatsApp) OpenClawd, express my discontent across all my channels and draft an email to send to IT tomorrow morning. Also turn the lights off and go to bed. (Somewhere in China, all the lights go out)

thomasjudge

Will malware/virus scanners detect any bad software?

burnt-resistor

The whole approach of virus scanning is reactive and incomplete. This is because, except for some uncertain guesswork using "heuristics", it depends upon vendor analysis of submitted malware infection samples after it's already happened to determine specific malware file/process signatures. This doesn't and cannot catch all possible malware that has ever happened, especially if it's new, not widespread, or evaded analysis from ever being noticed. Thus, a fraction of malware will always slip through and will always remain undetectable.

After a machine is compromised by malware, there's rarely-to-never a trustworthy way to ever fix it with 100% certainty. And especially worrisome is "repair" from the host itself, which may be infected with a rootkit that hides and repairs the malware. Thus, the only correct solution is to completely reimage/reinstall from trusted sources. Deviate from this path at one's own extreme cost/risk.

There also exists a tiny amount of even worse, specialized malware, usually deployed by state actors, that infects hardware in such a way that makes it difficult and sometimes uneconomical to repair.

PSA: Never run untrustworthy shit on any machine that matters. This also includes FOSS projects that don't have their shit together.

conception

Most EDR has a "this program is doing something bad" detector. But the number of folks running security on their build process is still not ubiquitous.

nickorlow

I wonder who the targets were/what the malicious binaries did. Assuming some gov related shop + sent the contents of files on the host to attackers.

dehrmann

Another popular project I can think of to look out for is PuTTY. I'm fond of the 2006 vibe, but Github probably has stronger security protections.

ivankabiden

Job well done!

wglass

Can someone help clarify this for me?

Is it correct to say that users would only get the compromised version if they downloaded from the website?

Notepad++ has an auto-update feature; is there any indication that updates from the AutoUpdate were compromised?

jszymborski

No, it's specifically the updates that were targeted. I'm unsure about the downloads but those too are presumably at risk.

> The attackers specifically targeted Notepad++ domain with the goal of exploiting insufficient update verification controls that existed in older versions of Notepad++.

Lammy

Vindicated once again for turning off any update checks the moment I install any new piece of software.

Even if this sort of (obviously rare) attack is not a concern, it baffles me how few otherwise-intelligent people fail to see the way these updaters provide the network (which itself is always listening, see Room 641A and friends) with a fingerprint of your specific computer and a way to track its physical location based on the set of software you have installed, all of which want to check for updates every goddamn day.

arcfour

If the people with access to Room 641A want you, you're toast unless you're ready to make some REALLY big digital lifestyle changes that most people would not be amenable to, because you would have to be extremely paranoid on multiple fronts all the time. That kind of heightened vigilance is exhausting and really not worth it.

Threat modeling: it keeps things realistic.

derf_

It is baffling to me, as well. You know how you get a remote-code-execution vulnerability? You give a bunch of software permission to fetch code remotely and execute it.

sodality2

How do you deal with the opposite, software that you forget to update but contains vulnerabilities discovered/exploited later?

edb_123

So, let me get this straight. If I've been lazy, postponed updates and I'm still on 8.5.8 (Oct 2023) - it turns out I'm actually...safer?

Anyway, I hope the author can be a bit more specific about what actually has happened to those unlucky enough to have received these malicious updates. And perhaps a tool to e.g. do a checksum of all Notepad++ files, and compare them to the ones of a verified clean install of the user's installed version, would be a start? Though I would assume these malicious updates would be clever enough to rather have dropped and executed additional files, rather than doing something with the Notepad++ binaries themselves.

And I agree with another comment here. With all those spelling mistakes that notification kind of reads like it could have been written by a state-sponsored actor. Not to be (too) paranoid here, but can we be sure that this is the actual author, and that the new version isn't the malicious one?

hinkley

This reminds me of college, when some of my professors were still sorting out their curriculum and would give us homework assignments with bugs in it.

I complained many times that they were enabling my innate procrastination by proving over and over again that starting the homework early meant you would get screwed. Every time I'd wait until the people in the forum started sounding optimistic before even looking at the problem statement.

I still think I'd like to have a web of trust system where I let my friends try out software updates first before I do, and my relatives let me try them out before they do.

user3939382

If there’s anything I’ve learned from IBM, Red Hat, and CentOS, it’s that bleeding edge is actually what I’m supposed to want.

FpUser

8.4.7 here. phew

FatalLogic

>I'm still on 8.5.8 (Oct 2023) - it turns out I'm actually...safer?

Notepad++ site says "The incident began from June 2025."

On their downloads page, 8.8.2 was the first update in June 2025 (the previous update 8.8.1 was released 2025-05-05)

So, if your installed version is 8.8.1 or lower, then you should be safe. Assuming that they're right about when the incident began.

edit: Notepad++ has published, on Github, SHA256 hashes of all the binaries for all download versions, which should let users check if they were targeted, if they still have the downloaded file. 8.8.1 is here, for example - https://github.com/notepad-plus-plus/notepad-plus-plus/relea...

otherme123

> And perhaps a tool to e.g. do a checksum of all Notepad++ files, and compare them to the ones of a verified clean install of the user's installed version, would be a start?

Did I understand the attack wrongly? The software could have a 100% correct checksum, because the attack happened in a remote machine that deals with call home events from Notepad++, I guess one of those "Telemetry" add-ons. The attackers did a MITM to Notepad++ traffic.

dabinat

> With these changes and reinforcements, I believe the situation has been fully resolved. Fingers crossed.

I get that this is a difficult situation for a small developer, but ending with this line did not fill me with confidence that the problem is actually resolved or make me trust their software on my system.

the_fall

That's the most honest assessment you can expect from any small-scale developer. What do you expect them to say or do? Their adversary is presumably a national intelligence agency of a superpower.

baobabKoodaa

Would you feel better if they had ended the blog post with corporate style assurances that Notepad++ is 100% secure?

shellcromancer

> Additionally, the XML returned by the update server is now singed (XMLDSig)

The latest and greatest cryptography powering everyone’s favorite SAML-based single-sign on.

Helmut10001

It looks like using Chocolatey [1] saved me from this attack vector because maintainers hardcode SHA256 checksums (and choco doesn't use WinGuP at all).

[1]: https://chocolatey.org/

locusofself

I don't think "we" would have been impacted since this specifically targets the updates, but recently Microsoft pulled Notepad++ from the list of apps we can use on our production management laptops. Some people were annoyed and whining about this. That predated this announcement by a few weeks. Probably the right move by the security folks.

zeroq

I've been thinking a lot lately about open source.

It seems to be a lot like communism - sounds great on paper but we are yet to see a proper implementation.

Between Git, Linux and SQLite there are a few projects that have been led by weirdos who have the time, resources and conviction to drive these through time.

Unless you create some sort of auxiliary business and get an acquihire deal, most things will fizzle out.

Years ago when I started working for BigCo I was amazed by their denial of FOSS. At one point in the project I pointed out a problem, which was heard and recognized, to which I followed up with a solution using an open source package. I thought I was clever - we needed an extra package in our system, but I was able to find a suitable open source solution that would not add to the overall cost of the project. My proposal was immediately pushed back.

Initially I thought it was due to a responsibility issue - if we'd employ a FOSS solution we'd be responsible for the outcome. Having a 3rd party vendor, the management would have the opportunity to shield themselves.

But that doesn't have to be the case. The FOSS project could easily fizzle out. And if we don't have enough resources to incorporate it and make it our own, we potentially risk being left out to dry.

autoexec

> Unless you create some sort of a an auxiliary business and get an acquihire deal most things will fizzle out.

This is acceptable. Why shouldn't most things started by people not willing to put in the work to keep them going fizzle out? The important thing is that anyone who actually cares to can jump in and pick up right where the open source software fizzled out and get it going again. Anyone can learn from the code and use it for anything they want, even things that have nothing to do with the goals of the original project.

It's not as if there aren't countless examples of corporate vendors dying off and leaving their customers on the hook with nothing, or just changing the product drastically after the sale. At least in the open source case you have the option to fork the project and continue using it as you always have.

colonCapitalDee

Oh interesting, we had an internal mandate not to use Notepad++ come down from on high that was never explained. The timing matches up

dyauspitr

What’s a good alternative?

hathym

99.999% sure Israel has a hand in this.

sharyphil

I love Notepad++ but for some reason it always had some kind of political BS going on and I don't appreciate that.

paul_h

For a while, I've been thinking that open source package portals will at some point take over making the binaries that get released. Dev teams will run their own CI with whatever automated test pipelines they think are appropriate. In a tests-pass situation they will pass the git hash to the portal system for release, which just runs the compile and makes the binary. Well, not all CI runs would result in a release, of course. Then the package portal's own software kicks in to calculate an independent since-last-release report that's attached alongside the maintainer release notes.

All such portals upgrade their hash/sig noting of binaries, and keep those in a history-retaining merkle tree of sorts. If nothing else, a git repo. Something like this https://github.com/hboutemy/mcmm-yaml/blob/master/aws/sdk/ko... but with SHA256s, and maybe not the entire world in one repo.

shevy-java

That's sad. China should be more helpful with regards to open source.

Notepad++ is a great editor. I don't use it on Linux, because I have an older editor I am very used to, but on Windows I like notepad++ a lot (though lately I have been using geany on Windows, mostly for convenience - I think notepad++ is better but I sort of like the github-based development of geany; either way notepad++ is really excellent as well).

Ayesh

If you update via Winget, you are probably safe.

Winget downloads the installer from GitHub: https://github.com/microsoft/winget-pkgs/blob/master/manifes...