floof.org

Thumper ➡️GOTF mastodon (AP)

Since I have many tech friends who may use Notepad++, best update to 8.9.1, and if you updated in June-Dec of last year, may be worth checking you don't have a backdoor installed...

Since it was selective targeting, your odds of infection are probably low, but you may just be lucky :P

https://notepad-plus-plus.org/news/hijacked-incident-info-update/

https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/

Pippin friendica
Hmm, after updating I searched for a couple of the filenames mentioned at the bottom of that Rapid7 post and got no results - I assume just their presence anywhere on the machine would be an indicator of likely compromise, and I assume a compromise will mean they are all present, so searching for a subset should be enough. Just in case, ran Malwarebytes over the machine too and it came up clean. Not sure if there's anything else I ought to have checked. The Rapid7 article looks like it's written for people inside the antimalware industry who know these things, which I'm not - I can only assume I'm interpreting the article correctly.
Thumper ➡️GOTF mastodon (AP)
@pippin it was targeted so it's very likely you didn't get hit, but updating is still wise to avoid any potential issues.
Pippin friendica
@Thumper ➡️PLUSH➡️GOTF Oh, I did, first thing once I heard about it, thanks. I'd just hoped to get a bit more assurance that I was okay, but all the "here's how to check if you're compromised" links going to a rather technical article with no particularly obvious "here's how to check" checklist seemed… less than helpful. I did find a forum post saying that Malwarebytes are aware of the situation, so I'm assuming their tool would have found Chrysalis if it was there. So I'm reasonably sure I'm okay. Thank you. 🙂