Fake Windows 11 Upgrade Infect Users With Info-stealing Malware

Share post:

Hackers are using SEO poisoning to push a fake Windows 11 upgrade site that infects victims with information stealing malware.

Many users are unaware of the requirements for installing the latest Microsoft operating system. One of the requirements is support for Trusted Platform Module (TPM) version 2.0. This requirement is only available on machines that are not older than four years.

Exploiting users’ ignorance, attackers have now launched a malicious website that features the fake Windows 11 with Microsoft’s official logos and an inviting”Download Now” button.

According to researchers, this campaign uses a new malware named “Inno Stealer.” The malware was named Inno Stealer due to its use of the Inno Setup Windows installer.

The malware drops a file with the .SCR extension in the directory of the compromised system. The file unpacks the info-stealer payload and executes it by triggering a new process called “Windows11InstallationAssistant.scr.”

The malware collects web browser cookies and stores credentials, data in cryptocurrency, wallets and data from the file system. Targeted browsers are Chrome, Edge, Brave, Opera, Vivaldi, 360 Browser and Comodo.

Users are advised to avoid downloading ISO files from obscure sources and to perform important OS upgrades only within their Windows 10 control panel. They can also obtain the installation files directly from the source.

The sources for this piece include an article in BleepingComputer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

AI surpasses human benchmarks in most areas: Stanford report

Stanford University’s Institute for Human-Centered Artificial Intelligence (HAI) has published the seventh annual issue of its AI Index...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways