Thursday, March 16, 2017

Notepad Plus Plus Hacked by CIA now Patched - Your freebie notepad editor got hacked

Everyone's favorite freebie notepad editor was comprised and targeted by your friendly neighborhood CIA agent as revealed in latest WikiLeaks leak, code-named "Vault 7". 

Action: Upgrade to 7.3.3 immediately. 

Notepad++ official addresses the CIA hack.

Recent Wikileaks release mentions "Notepad++" hack for spying on users, under the section called "Fine Dining Tool Module Lists" at

DLL HijackNotepad++User, Note Taker-Text EditorOperator takes notes or views documents while collection is occurring

For the uninitiated, the Wikileaks"Vault 7" release list a host of exploits for common everyday free and paid  applications by the CIA. The "Fine Dining Tool Module Lists" section list applications whose libraries (used to run the program known as dynamically loading libraries (DLL))  have been compromised and replace. This is know as "DLL Hijack" in the document.  A hijacked DLL enables practically anything to be done by the remote collectors; it can collect keystrokes, take screenshots, record microphone, snoop on your mail and the dreaded scenario of complete control over you computer using a remote administration tool RAT.  

Notepad++ 7.3.3 (change.log) bug-fixs & enhancements:

1.  Fix CIA Hacking Notepad++ issue (

DLL Hijack Explained

Read my post on how DLL Hijack works even today for programs including Skype.

1 comment: