Fake Windows 11 is offered on a website that pushes into search results and mimics Microsoft’s Windows 11 promotional page.
Microsoft offers an upgrade tool for users to check if their computer supports the company’s latest operating system. One of the conditions is support for Trusted Platform Module (TPM) version 2.0, which is present on computers that are not older than four years.
The target of this campaign is users who would like to install Windows 11 without checking if their computer has certain specifications.
The fake Windows 11 website has official Microsoft logos, favicons, and a “Download Now” button. If a visitor clicks this button, they will download an ISO file that hides the executable file for new malware that steals data. CloudSEK researchers have named the new malware “Inno Stealer” because of its use of the Inno Setup Windows installer.
Interestingly, the malware uninstalls antivirus products, including security solutions from Emsisoft and ESET, probably because these products detect it as malware.
Inno Stealer may collect web browser cookies and saved passwords, data in cryptocurrency wallets, and other data.
The malware targets a number of browsers and crypto wallets, including Chrome, Edge, Locks, Opera, Vivaldi, 360 Browser, and Comodo.
All stolen data is copied via the PowerShell command to a temporary directory, encrypted and later sent to the command and control server.
The malware can also download additional malicious code, which only happens at night, probably to take advantage of the time when the victim is not at the computer.
This is not the first time Windows 11 has been used as bait to spread malware. It is recommended to avoid downloading ISO files from suspicious sites and to upgrade the OS only from the Windows 10 control panel or to download the installation files directly from the Microsoft site.
READ MORE:
- You have less than a month to upgrade if you are using this version of Windows
- How to restore the display of dislikes on YouTube?
- When working from home, the workday has triple peak activities
- Microsoft is reportedly working to introduce commercials to free-to-play video games on the Xbox
- Microsoft has finally made it easier to change the default browser