One of the DLLs Notepad++ uses was compromised/customized by the CIA. Any apps that then use that DLL essentially allowed it to start up and do data collection in the background. The users were unaware it was happening, because all they saw running was Notepad++ rather than random_program.exe
Wait, what?
It’s real: https://notepad-plus-plus.org/downloads/v7.3.3/
Blog post: https://notepad-plus-plus.org/news/v733-fix-cia-hacking-npp-issue/
More info here: https://notepad-plus-plus.org/downloads/v7.3.3/
I still don’t really understand what happened.
One of the DLLs Notepad++ uses was compromised/customized by the CIA. Any apps that then use that DLL essentially allowed it to start up and do data collection in the background. The users were unaware it was happening, because all they saw running was Notepad++ rather than random_program.exe
Though the developer could not get it to do that in his own testing