December 15, 2021  —  Eric Swotinsky

Malicious Notepad++ installers drop StrongPity malware

Notepad++, one of the most popular free text and source code editors for Windows systems, is being used by attackers to distribute malware.

The cybercrime group behind the campaign, known as StrongPity, has been spreading repackaged installers that do in fact install Notepad++ but also infect the system with malware.

When the malicious installer is executed, it drops several files, including the actual Notepad++ installer, a keylogger, and additional malware. The keylogger can be used to harvest user credentials and other sensitive data, while malware dropped in this way has been observed to steal data from infected machines.

The behavioral and AI-based detection engines in Acronis Cyber Protect identify and block malware based on the malicious behaviors it exhibits, preventing infections and keeping your data safe.