Beware Of A Notepad++ Clone Or Not?

Source: Bleeping Computer Beware Of A Notepad++ Clone Or Not?

Malicious Intent Not So Much, Just A Poorly Thought Out Fan Site

The makes of Notepad++ are sending out a warning today to avoid what they call a parasite website, which looks very similar to theirs.  The new site, notepad.plus carries branding similar to the actual site at notepad-plus-plus.org.  The lookalike site does redirect you to the official site if you click on the download link, so you are not currently at risk if you happened to install Notepad++ this morning and are not sure if you grabbed it from the right site.  That could change at any time, and Notepad++ asked Bleeping Computer to spread the word that there is also code to add a banner ad, which would be able to host malicious ads if the owners so chose.

The thing is that currently there aren’t any ads being displayed, malicious or not, and the site just seems to contain links to articles on how to use Notepad++.  As well, at the bottom you can see a note that includes the statement that “This is an unofficial fan website created for general information/educational purpose only.”.  All in all this seems to be a totally innocent site which managed to jump up in Google search results and be noticed by the official suppliers of Notepad++.  The outcry seems overblown, however it is a very good reminder to always double check the URL when downloading software as not every site is as innocent as this one.

 

Although, at the time of writing, the lookalike website takes visitors to the official Notepad++ downloads page, there is some concern that it could pose security threats—for example, if it starts pushing malicious releases or spam someday either deliberately or as a result of a hijack.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

4 Comments

  1. Jay

    I know the owner. Website has been online since 2020. All downloads were redirected to the official website. Guy earned like $50-100/month from Adsense and most of it was from traffic to articles. Instead he is being DDOSed and hacked all day today lol.

    Reply
  2. willmore

    Sounds like a confidence attack. Bring it down!

    Reply
  3. MyTaintedBrain

    “The makes of Notepad++ are sending out a warning today ” should read “The makers of Notepad++ are sending out a warning today “.

    Reply
  4. psuedonymous

    Step 1: Built site with no malware, but easily capable of hosting it

    Step 2: Raise through search result rankings without triggering any malware detection (because there’s no malware… yet)

    Step 3: When site has reached prominence in search rankings, swap out legitimate links for malicious links

    Step 4: Rinse and repeat if detected.

    Reply

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!