Tuesday, April 16, 2024

Android tool for Windows 11 installs malware

When Microsoft finally added Android Subsystem to run Android applications, there were problems for a number of users.


1 min read

At first, it was disappointing for users that the Android Subsystem for Windows only included the Amazon App Store. However, as Android is not a difficult system for implementing applications from the side, some developers have invested a little effort to enable the Google Play Store to add external applications.

Unfortunately, this has led to one of the more popular tools, called PowerShell Windows Toolbox, having the tricky Trojan malware in it.

PowerShell Windows Toolbox tool has the ability to make some modifications within Windows 10 or 11 systems, make them more efficient, forcibly disable Windows Update, activate Microsoft Office, install Google Play for Android Subsystem, and other features.

However, hidden in the project code is also hidden malware, which uses the PowerShell approach to install malicious extensions for Internet browsers. In addition, it creates a folder at the root of the Windows drive (which for most users is C: \ called “systemfile”), and the tool has the additional function of downloading even more malware.


The interesting thing about this tool and hidden malware is that it is open-source software, so it has allowed others to discover malicious potentials. Github, meanwhile, has removed the project from its servers.







Dudescode.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com