Friday, March 29, 2024

Beware!! Fake Windows 11 Installer Drop Malware on Your Computer

Earlier this year Microsoft announced Windows 11, and Microsoft hasn’t published this new operating system publicly. But, a few weeks ago Windows 11 was unofficially leaked before Microsoft released it to Windows Insiders.

In short, the announcement of the new OS of Microsoft, Windows 11 has created a big hype on the internet world. And that’s why this was a target for users to be attacked by malware and so on.

However, the security researchers at the Kaspersky security lab have confirmed that after the leak, immediately several downloads of Windows 11 ISOs from unofficial sources began to appear, in which they have detected malware on many openings.

How do scammers fool Windows 11 downloaders?

Unofficially different versions of Windows 11 have been released that are easily accessible to anyone, and since these versions are prior to the final version, there are many users who are curious to see that how this new Windows 11 feels and works. 

Now, here comes the key roleplay, since these versions are not official they come from unofficial sources, that’s why you have to keep your eyes open and stay alert about the threat actors while downloading these versions from unknown sources.

As the cybersecurity researchers at Kaspersky have reported about a 1.75GB file (86307_windows 11 build 21996.1 x64 + activator.exe) that seemed to contain the OS itself with an activator.

This file structure is enough to fool anyone, it means that with such a file size, anyone will get fooled. Since this whole package claims to be the Windows 11 installer, but, in reality, this whole package consists of DLL files that contain a lot of worthless things.

However, when the package is opened the fake Windows 11 installer starts and behaves like the authentic one, while in the second one, the installer asks the user to accept a license agreement specifying that sponsored software is going to be installed on your system.

Since, in this stage, nobody reads these texts, and that’s why it becomes easy for the attacker to make the user accept and move further to install the malicious application.

Experts’ findings

Apart from this, the security analysts at Kaspersky Security Lab have claimed that till now they have detected hundreds of such infection attempts using similar schemes related to Windows 11, and the maximum number of cases are detected with fake installers like this.

While the infections of this malware could be varied since they could be like:-

  • Adware
  • Trojan
  • Phishing
  • Keylogger
  • Fileless Malware
  • Spyware
  • Worms
  • Virus
  • Rootkits
  • Ransomware

But, here the users who are becoming victims of such attacks have reported several problems that they have faced like stealing passwords, documents, and even personal data like credit cards and others details.

Recommendation

However, the users who are eager to install Windows 11 early on their system or want to upgrade their existing Windows 10 to Windows 11 are simply advised to use the official channel only, the “Windows Insider Program.”

To activate the “Windows Insider Program” you have to follow the steps that we have mentioned below:-

  • First of all, you have to go to Settings
  • Then you have to click on the “Update & Security” option. 
  • After that, you have to select the “Windows Insider Program.” 
  • Now you have to activate the Dev Channel option to get the update on your PC.
  • That’s it now you are done.

Not only that even, the experts have also recommended the users to not install or run the Windows 11 update on their primary computer system, since these prebuilds could be unstable, and make your system behave improperly.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors

EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed "Operation FlightNight" targeting Indian government...

WarzoneRAT Returns Post FBI Seizure: Utilizing LNK & HTA File

The notorious WarzoneRAT malware has made a comeback, despite the FBI's recent efforts to...

Google Revealed Kernel Address Sanitizer To Harden Android Firmware And Beyond

Android devices are popular among hackers due to the platform’s extensive acceptance and open-source...

Compromised SaaS Supply Chain Apps: 97% of Organizations at Risk of Cyber Attacks

Businesses increasingly rely on Software as a Service (SaaS) applications to drive efficiency, innovation,...

IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey

A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed...

How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger

Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse...

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles