Chinese compromise began as early as NP++ v8.6.9
-
Hi everybody, new to the forums. This was the first place I could think of that would be appropriate for me to share that I discovered a 32-bit build of Notepad++ from July 12th 2024, not 2025, with obvious evidence of Chinese involvement.
|The earliest Notepad++ version I’ve seen reported as compromised v8.8.3. I simply wanted to present my case of compromise as early as v8.6.9.
-
That’s not evidence of Chinese (state-sponsored) involvement or compromise. That’s specifically the intentional link to the v8.6.9 https://notepad-plus-plus.org/news/v869-about-taiwan/ “Support Taiwan’s Independence” (which is what google translate says those characters mean). The the developer is a huge proponent of such (and his statements in the N++ About box and release pages has a history of taunting state-sponsored attacks on Notepad++ and its infrastructure).
So that’s rather evidence of the reasons behind the attack, not a symptom of the attack.
-
@PeterJones said in Chinese compromise began as early as NP++ v8.6.9:
That’s not evidence of Chinese (state-sponsored) involvement or compromise. That’s specifically the intentional link to the v8.6.9 https://notepad-plus-plus.org/news/v869-about-taiwan/ “Support Taiwan’s Independence” (which is what google translate says those characters mean). The the developer is a huge proponent of such (and his statements in the N++ About box and release pages has a history of taunting state-sponsored attacks on Notepad++ and its infrastructure).
So that’s rather evidence of the reasons behind the attack, not a symptom of the attack.
Oh my, I stand corrected. Would have freaked me out less had it used my locale to determine the language for the hyperlink text (I saw that, plus 32-bit, plus a logo I didn’t recognize, and I panicked!)
But regardless, I appreciate the heads up.
