Beware of the Windows 11 Alpha, a new malware attack that is trying to trick people

Even before Windows 11 can officially make its debut, there are Windows 11-themed malware campaigns trying to trick people into sharing their financial details. One of the most notorious ones is the Windows 11 Alpha malware attack that is trying to trick people into activating a malicious code on their PC. According to reports, the malware attack is relying on people's lack of knowledge and awareness regarding its new software that hasn't publicly rolled out yet. Windows 11 is currently available only to Windows Insider Program members, developers, and beta testers, and is officially going to be launched in October.

The Windows 11 Alpha, as per reports, uses a Microsoft Word document that claims it was made with “Windows 11 Alpha”. This document then asks people to follow certain steps to open it. If an unsuspecting individual follows these steps then a code gets activated that these threat actors can use to steal your financial information.

This Windows 11 Alpha attack was discovered by the Anomali Security researchers who managed to break down the technical components of the attack. The researchers claim that a cybercrime group called the FIN7 is responsible for this Windows 11 Alpha malware campaign. The exact method of how this malicious file spreads has not been confirmed yet, but as Anomali says, it is possibly being done via a phishing or spearphishing email.

The modus operandi of the Windows 11 Alpha attack is simple. If someone sees a document that is supposedly made with Windows 11 Alpha, they will be prompted to follows some steps to access the document and make it compatible with the current operating system they are using. So in all likelihood, the user is on Windows 10, or possibly an older OS, and they will think that since they do not have access to Windows 11, the only way to access this document made by Windows 11 Alpha, therefore, would be to follow the instructions.

Obviously, this is not the case. There is no Windows 11 Alpha. However, cybercriminals are counting on instances where people do need to convert a genuine Word document to make it compatible with their PC and hoping they will fall for this too. The prompts mentioned in the malicious document have been made to look like the ones many PC users follow to make genuine documents compatible. If you do end up falling for this and follow the prompt, a code within the file gets activated which then downloads a JavaScript backdoor. This lets attackers obtain a payload on the PC.

The FIN7 group has been responsible for the theft of more than 15 million payment card records and the value of these records amounts to a little over $1 billion, as eSentire reports. The Windows 11 Alpha malware campaign appeared between late June and late July this year which aligns perfectly with Microsoft's official announcement of Windows 11. The Windows 11 Alpha attack is trying to encash people's interest in the new software and their lack of knowledge regarding it.