Unknown attackers distributed a fake Windows 11 distribution containing malware

Unknown attackers distributed a fake Windows 11 distribution containing malware

Cybersecurity experts from HP reported the discovery of a fake Windows 11 installation distribution that infected victims’ computers with malware. The organization has investigated and found a suspicious website at a Windows-related address.

Image source: throwresearch.ext.hp.com

Image source: throwresearch.ext.hp.com

According to HP, the domain was registered after Microsoft announced the release of the final version of Windows 11. The design of the site was as similar as possible to the corporate style of Microsoft resources, but most importantly, there was a “Download” button on the main page. Clicking this button downloaded an archive containing trojans designed to steal passwords and other data from an open browser, such as B. Autofill data, including credit card numbers.

The fake Windows 11 installer is a ZIP archive that is only 1.5 MB in size. When unzipped, it expands into a 753MB folder, almost all of the space where the Windows11InstallationAssistant.exe file occupies up to 751MB. Therefore, the archive compresses this file by 99.8%, which is not typical for executable files – attackers intentionally increased their size, since large files are usually ignored by antivirus programs.

Meanwhile, the fake site has already gone offline, but it’s possible that other hackers will try to repeat this no longer new scheme. Microsoft is preparing a free tool to upgrade Windows 10 to Windows 11, but it will be implemented by regular system tools – you don’t need to download anything. Windows 11 can also be installed manually, but for that it is highly recommended to download the distribution from Microsoft official website only.



About the author

Robbie Elmers

Robbie Elmers is a staff writer for Tech News Space, covering software, applications and services.

Add Comment

Click here to post a comment