Beware of Malicious Notepad++ Websites that Attack Developers [Thursday, March 28, 2024]

Description :
A recent cybersecurity investigation uncovered threat actors actively targeting developers by distributing trojanized versions of the popular Notepad++ text editor through malicious websites. The malicious versions aim to infect victims with malware such as Cobalt Strike-like backdoors. The threat actors are leveraging online advertising and search engine optimization techniques to promote the malicious websites and lure victims. Technical analysis revealed inconsistencies in website URLs, titles, and content pointing to a network of interconnected threat actor-controlled domains used to distribute the malware.

Published : 2024-03-28 12:34:26
Created : 2024-03-28 12:34:26
Modified : 2024-03-28 13:04:38

Tags

Indicators

Domains :
Malwares :
  • Backdoor.Oldrea - S0093
  • Havex
  • Cobalt Strike - S0154
Hashes :
  • bbcc903d54bf6a8b03569633385de9ba93816d0e160c95fbcda13b7b944d888a
  • cf542d196246fc3fb0631b7e410c7fa4db0d59855077ab64a984f4c7bfc3eafe
MITRE ATT&CK Techniques :
Other observables :
  • Technology

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
