I’m not sure what you mean. The article states there were remote hands on keyboard noticed in multiple companies. That’s how the vulnerability was discovered.
Comment on Notepad++ Hijacked by State-Sponsored Hackers
pez@piefed.blahaj.zone 4 days agoFair point. I was assuming the malicious payload would come along with an update on order to hide, but it’s also possible that the malicious payload was delivered without any update to notepad++.
I’ve not seen any IOCs published have you?
AceBonobo@lemmy.world 3 days ago
pez@piefed.blahaj.zone 3 days ago
I mean IOCs that you can scan for in an environment to see if a machine has been compromised using this vulnerability. Something that tells you if you need to do additional remediation on a machine or just update notepad++ and move on.
floofloof@lemmy.ca 3 days ago
There’s some IOC information here:
securelist.com/…/118708/
pez@piefed.blahaj.zone 3 days ago
Thanks!