Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers
Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers
15 March 2024
Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobalt Strike.
“The malicious site found in the notepad++ search is distributed through an advertisement block,” Kaspersky