| ▲ | OsrsNeedsf2P 7 hours ago | |
So the hosting provider was hacked? Who was their hosting provider? This is also why update signatures should be validated against a different server; it would require hackers to control bother servers to go undetected | ||
| ▲ | technion 4 hours ago | parent | next [-] | |
You can see this in their DNS history: notepad-plus-plus.org currently has an A record of 95.128.42.184, owned by "Aqua Ray SAS". It switched up from 191.101.104.10 and 212.1.212.49 on 17/1, which is are Hostinger IP addresses. | ||
| ▲ | gruez 7 hours ago | parent | prev | next [-] | |
>This is also why update signatures should be validated against a different server; it would require hackers to control bother servers to go undetected No, it should be a hardcoded key held by the developer, preferably using a HSM, and maybe with some sort of notification capability in case the key was lost. Adding a second server adds marginal security. For instance if the developer's mail was hacked, an attacker would likely be able to reset passwords for both hosting providers. | ||
| ▲ | dontdoxxme 5 hours ago | parent | prev [-] | |
Previous NS records were pointing at dns-parking.com, which is Hostinger. Although hard to be certain without more details whether a reseller or other supplier is involved. | ||