Security News

Cybersecurity news aggregator

📦
HIGH Attacks Help Net Security

Notepad++ supply chain attack: Researchers reveal details, IoCs, targets

notepad++supply-chainlotus-blossomespionagesoutheast-asia
  • What: Notepad++ update mechanism was hijacked.
  • Why: Attributed to Lotus Blossom (aka Billbug), a Chinese state-sponsored group, for espionage purposes.
  • Affected: Individuals in Vietnam, El Salvador, Australia; a government organization in the Philippines; a financial organization in El Salvador; and a Vietnamese IT service provider.
Read Full Article →

Rapid7 researchers have attributed the recent hijacking of the Notepad++ update mechanism to Lotus Blossom (aka Billbug), a Chinese state-sponsored group known for targeting organizations in Southeast Asia for espionage purposes. On Wednesday, Kaspersky researchers shared the insights they’ve gleaned from their own telemetry: the attackers targeted individuals located in Vietnam, El Salvador and Australia; a government organization located in the Philippines; a financial organization located in El Salvador; and a Vietnamese IT service provider. … More → The post Notepad++ supply chain attack: Researchers reveal details, IoCs, targets appeared first on Help Net Security .

Related Articles

HIGH Frequently Asked Questions About Notepad++ Supply Chain Compromise Tenable Research HIGH China-based espionage group compromised Notepad++ for six months CyberScoop HIGH Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor The Register Security HIGH Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group The Hacker News
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn