Notepad++: Help us to take down the parasite website
Nature of the “parasite” site
- Domain in question is notepad.plus; the official project domain is notepad-plus-plus.org (confirmed via the project’s GitHub README).
- notepad.plus currently shows AI-ish content and, for some users, redirects the download button to the official site.
- Some users saw ad code present but blocked (e.g., 403 from Google ad services); others report previously seeing ad-heavy pages and possibly “fake download button” style ads.
- Web archive snapshots and past behavior suggest it previously served its own executable via
/download, possibly with geo/cookie-based variation.
Is it “malicious”?
- One side: just an ad farm / SEO parasite; malicious should mean actually serving malware or altered software.
- Other side: deceptive branding, injecting itself into the download flow, and impersonation create real security risk and erode trust; “malicious” from the project’s and users’ perspective even if payload is currently clean.
- Common concern: pattern of building SEO reputation with legitimate downloads, then later swapping to malware, especially attractive for tools used by admins/developers.
Search, ads, and incentives
- Many express surprise or frustration that Google hasn’t penalized the site; others say this is expected given current search quality and ad incentives.
- Some argue Google profits from such ad-laden pages and pushes brands to pay to stay on top.
- Mention of AI-generated content networks and link pyramids boosting its rankings; tools like Ahrefs’ backlink checker used to inspect backlinks.
Reporting and takedown strategies
- Suggestions: report via Google Safe Browsing under “deceptive/social engineering,” Cloudflare Radar, and possibly DMCA/trademark or registrar complaints if a trademark exists.
- Debate over whether preemptive malware reports are appropriate vs. “crying wolf.”
- Some note site intermittently down or serving invalid TLS, which may naturally diminish its search visibility.
Broader ecosystem issues
- Similar imposter or adware-wrapped sites exist for other popular software (OpenOffice, VLC, PuTTY, IrfanView, emulators, etc.).
- General recommendation: prefer official sites or package managers (e.g., Chocolatey) to avoid shady download intermediaries.
- Side discussion on domain perception (hyphens seen as “spammy” by some) and moral comparisons to affiliate linking.