Beware Of A Notepad++ Clone Or Not?
Malicious Intent Not So Much, Just A Poorly Thought Out Fan Site
The makes of Notepad++ are sending out a warning today to avoid what they call a parasite website, which looks very similar to theirs. The new site, notepad.plus carries branding similar to the actual site at notepad-plus-plus.org. The lookalike site does redirect you to the official site if you click on the download link, so you are not currently at risk if you happened to install Notepad++ this morning and are not sure if you grabbed it from the right site. That could change at any time, and Notepad++ asked Bleeping Computer to spread the word that there is also code to add a banner ad, which would be able to host malicious ads if the owners so chose.
The thing is that currently there aren’t any ads being displayed, malicious or not, and the site just seems to contain links to articles on how to use Notepad++. As well, at the bottom you can see a note that includes the statement that “This is an unofficial fan website created for general information/educational purpose only.”. All in all this seems to be a totally innocent site which managed to jump up in Google search results and be noticed by the official suppliers of Notepad++. The outcry seems overblown, however it is a very good reminder to always double check the URL when downloading software as not every site is as innocent as this one.
Although, at the time of writing, the lookalike website takes visitors to the official Notepad++ downloads page, there is some concern that it could pose security threats—for example, if it starts pushing malicious releases or spam someday either deliberately or as a result of a hijack.
More Tech News From Around The Web
- The new features coming in Windows 11 24H2, expected this fall @ Bleeping Computer
- ASUS NVIDIA Servers at GTC 2024 @ ServeTheHome
- Hotel check-in terminal bug spews out access codes for guest rooms @ The Register
- TSMC Wins $6.6 Billion US Subsidy for Arizona Chip Production @ Slashdot
- AMD to open source Micro Engine Scheduler firmware for Radeon GPUs @ The Register
I know the owner. Website has been online since 2020. All downloads were redirected to the official website. Guy earned like $50-100/month from Adsense and most of it was from traffic to articles. Instead he is being DDOSed and hacked all day today lol.
Sounds like a confidence attack. Bring it down!
“The makes of Notepad++ are sending out a warning today ” should read “The makers of Notepad++ are sending out a warning today “.
Step 1: Built site with no malware, but easily capable of hosting it
Step 2: Raise through search result rankings without triggering any malware detection (because there’s no malware… yet)
Step 3: When site has reached prominence in search rankings, swap out legitimate links for malicious links
Step 4: Rinse and repeat if detected.