Notepad++: Help us to take down the parasite website

Nature of the “parasite” site

  • Domain in question is notepad.plus; the official project domain is notepad-plus-plus.org (confirmed via the project’s GitHub README).
  • notepad.plus currently shows AI-ish content and, for some users, redirects the download button to the official site.
  • Some users saw ad code present but blocked (e.g., 403 from Google ad services); others report previously seeing ad-heavy pages and possibly “fake download button” style ads.
  • Web archive snapshots and past behavior suggest it previously served its own executable via /download, possibly with geo/cookie-based variation.

Is it “malicious”?

  • One side: just an ad farm / SEO parasite; malicious should mean actually serving malware or altered software.
  • Other side: deceptive branding, injecting itself into the download flow, and impersonation create real security risk and erode trust; “malicious” from the project’s and users’ perspective even if payload is currently clean.
  • Common concern: pattern of building SEO reputation with legitimate downloads, then later swapping to malware, especially attractive for tools used by admins/developers.

Search, ads, and incentives

  • Many express surprise or frustration that Google hasn’t penalized the site; others say this is expected given current search quality and ad incentives.
  • Some argue Google profits from such ad-laden pages and pushes brands to pay to stay on top.
  • Mention of AI-generated content networks and link pyramids boosting its rankings; tools like Ahrefs’ backlink checker used to inspect backlinks.

Reporting and takedown strategies

  • Suggestions: report via Google Safe Browsing under “deceptive/social engineering,” Cloudflare Radar, and possibly DMCA/trademark or registrar complaints if a trademark exists.
  • Debate over whether preemptive malware reports are appropriate vs. “crying wolf.”
  • Some note site intermittently down or serving invalid TLS, which may naturally diminish its search visibility.

Broader ecosystem issues

  • Similar imposter or adware-wrapped sites exist for other popular software (OpenOffice, VLC, PuTTY, IrfanView, emulators, etc.).
  • General recommendation: prefer official sites or package managers (e.g., Chocolatey) to avoid shady download intermediaries.
  • Side discussion on domain perception (hyphens seen as “spammy” by some) and moral comparisons to affiliate linking.