zlacker

[return to "Notepad++ hijacked by state-sponsored actors"]
1. jmole+12 2026-02-02 02:20:10
>>myster+(OP)
I always worry about tools like this, maintained by small teams, that are so universal that even if only a small fraction of installs are somehow co-opted by malicious actors, you have a wide open attack surface on most tech companies.

e.g. iTerm, Cyberduck, editors of all shades, various VSCode extensions, etc.

◧◩
2. guessm+s4 2026-02-02 02:45:55
>>jmole+12
I don’t get it, why don’t you all—absolutely all of you reading—use Little Snitch? [1]

It really doesn’t compute in my head why any macOS user would not use a network firewall like this, or similar, to block unwanted outgoing HTTP(s) requests. You can easily inspect the packet with tools like Wireshark or Burp Suite Professional (or Community) edition, or any other proxy tool, of which there are many in the macOS ecosystem.

And this is not unique to macOS, this is all possible in Windows, Linux and any other OS.

[1] https://www.obdev.at/products/littlesnitch/index.html

◧◩◪
3. scratc+v5 2026-02-02 02:55:43
>>guessm+s4
It wouldn't protect against this attack though. The Notepad++ update servers were hijacked. Presumably you would allow Notepad++ updates through Little Snitch so you would be equally vulnerable.
◧◩◪◨
4. guessm+16 2026-02-02 03:02:42
>>scratc+v5
No, why would you allow automatic updates? It makes no sense. You should audit every update as if each payload could contain malware. It’s a paranoid way to live, but that’s what it takes.

We also need better computer science education in high schools, teaching students how to inspect network packets, verify SSL certificates, and evaluate whether a binary blob might contain malicious code.

People have gotten complacent about the internet, which is why they still get hacked, when it should be the other way around. With everything we’ve learned over the years, why are breaches more common than ever? I don’t understand why people are so careless about online security today, compared to decades ago when we were taught not to share personal information and not to trust anything on the internet.

◧◩◪◨⬒
5. kemote+m8 2026-02-02 03:24:00
>>guessm+16
So you only run software on an operating system and on hardware that you have personally vetted each line of code for?