Hackers group "Kha &Mix" have break into the website of the popular open source text editor Notepad++ and tried to trick users into handing over the credentials to their Facebook accounts.
Hackers defaced the website and post a message "Kha &Mix is back". Along with defacement, hackers managed to display a pop-up window that dupe user into entering facebook account details.
It is currently believed that the software downloads were not affected. The rest of the web site now appears to have been fixed.
Users who actually entered their Facebook credentials could potentially have provided the attackers with persistant access to all functions on their account such as personal information and the ability to post status messages. In this case, users would have to visit their Facebook account settings to revoke these permissions.
"Simply changing the account password is not sufficient in this case. The site MyPermissions.org provides direct links to all relevant permission pages for services such as Facebook." The H security Report says.
