Cybereason GSOC team analysts have examined a specific technique that leverages Notepad++ plugins to establish persistence on a machine and evade its security mechanisms. Following this introduction, we describe in detail how to reproduce this attack and how to implement detection and prevention mechanisms.

Article Link: THREAT ANALYSIS REPORT: Abusing Notepad++ Plugins for Evasion and Persistence