>>myster+(OP)
> Traffic from certain targeted users was selectively redirected to attacker-controlled served malicious update manifests.
I'd be curious to know if there was any pattern as to which users were targeted, but the post doesn't go into any further detail except to say it was likely a Chinese state-sponsored group.
>>tragic+c6
It might have been explicitly targeted, but they did say that there were older versions of Notepad ++ with ""insufficient update verification controls" so it might have just been there was only one subset of users actually susceptible to this.
>>x_may+a8
No, the additional update verification was added after this attack was discovered. All Notepad++ installations were vulnerable during the time of the hijacking campaign.