A complex espionage campaign attributed to Chinese APT group Lotus Blossom, active since 2009. The investigation uncovered a sophisticated compromise of Notepad++ distribution infrastructure that delivered Chrysalis, a previously undocumented custom backdoor with extensive remote access capabilities. The attack chain began at IP address 95.179.213.0, where execution of notepad++.exe and GUP.exe preceded download of a […]

The post Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/notepad-attack-breakdown-reveals-sophisticated-malware/