TechFake links to Notepad++. Beware of results on Google

Fake links to Notepad++. Beware of results on Google

When using Google search, one must be careful with the first, sponsored results on the list. Scammers constantly use the option to purchase advertisements to direct people to rigged sites who want to download authentic software. The latest campaign involves Notepad++.

Google logo
Google logo
Images source: © Getty Images | NurPhoto

7:23 PM EDT, October 18, 2023

Bleeping Computer warns of the hazard, citing Malwarebytes and pointing out that in this case, the scammers didn't even bother to create an authentic-sounding domain for their own site. The problem pertains to the popular Notepad++ editor, under whose official distribution site someone is attempting to masquerade. In Google, you can come across doctored, sponsored links, which lead to the download of an infected version of the software.

Interestingly, in this case, it is not entirely clear what harmful software is ultimately downloaded to the victim's computer in the form of a payload. However, Malwarebytes warns that we are dealing with the Cobalt Strike software, which can be used for various types of attacks. It's a tool that originally emerged as software for simulating advanced attacks, but over time it began to be used by authentic attackers as well.

"Sample, fake links in Google"
"Sample, fake links in Google"© Malwarebytes

False links among Google search results is a problem that has been reported for some time. The fact that such fakes make it to the search engine as sponsored links can be infuriating, yet this doesn't change the fact that the user should be cautious and consciously use the search engine, paying attention to which links they click. A simple ad-blocker can serve as a safeguard, most likely cutting out the first links that are advertisements from Google.

In the context of fake links in Google, it's important to remember that not all such manipulated sites are easy to identify, as in the case of the scam involving Notepad++ app. We recently mentioned a similar case with the Webex program, where identifying the scam was not that obvious.

Related content
© essanews.com
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.