Windows 11 upgrade on your mind? Beware, don't click on the fake installer! Avoid a big malware risk
A fake Windows 11 upgrade installer is being used by cybercriminals to infect computers with the RedLine malware. Stop it this way.
Digitalization has got a massive boost in the country during the pandemic, but it has also led to an increase in cybercrimes. And now cybercriminals are trying to target people via a fake Windows 11 installer. The final phase of the Windows 11 upgrade was announced on January 26, 2022. A day later, on January 27, the HP Threat Research team noticed that a malicious actor had registered the domain windows-upgrade[.]com. Cybercriminals used this domain to spread malware by tricking users into downloading and running a fake Windows 11 installer.
As per the information provided by the HP Threat Research team in a blog post, "The domain caught our attention because it was newly registered, imitated a legitimate brand and took advantage of a recent announcement. The threat actor used this domain to distribute RedLine Stealer, an information stealing malware family that is widely advertised for sale within underground forums."
"The attackers copied the design of the legitimate Windows 11 website, except clicking on the “Download Now” button downloads a suspicious zip archive called Windows11InstallationAssistant.zip. The file was hosted on Discord's content delivery network," it added.
The researchers found that the suspicious archive is small, only 1.5 MB, and contains six Windows DLLs, an XML file and a portable executable. After decompressing the archive, they found a folder with a total size of 753 MB. The executable Windows11InstallationAssistant.exe was the largest file at 751 MB.
"Since the compressed size of the zip file was only 1.5 MB, this means it has an impressive compression ratio of 99.8%. This is far larger than the average zip compression ratio for executables of 47%. To achieve such a high compression ratio, the executable likely contains padding that is extremely compressible," the blog post read.
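The compression-ratio observation above can be turned into a triage check that reads only a zip archive's directory metadata, without extracting or running anything. The following is an added example, not code from HP or from this article; the 95% threshold, the 1 MB size floor, the file-extension list and the sample archive built in build_sample_archive() are assumptions chosen for illustration.

```python
import io
import os
import zipfile

# Assumed threshold: the article cites 47% as the average ratio for
# executables and 99.8% for the fake installer archive.
SUSPICIOUS_RATIO = 0.95
MIN_UNPACKED_BYTES = 1024 * 1024  # skip tiny files, where ratios are noisy
EXECUTABLE_SUFFIXES = (".exe", ".dll", ".scr")


def compression_ratio(compressed, uncompressed):
    """Space saving: 1 - compressed/uncompressed (0.998 means 99.8%)."""
    if uncompressed == 0:
        return 0.0
    return 1.0 - compressed / uncompressed


def flag_padded_members(archive):
    """Return (name, unpacked_size, ratio) for executables that look padded."""
    findings = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            name = info.filename.lower()
            if info.is_dir() or not name.endswith(EXECUTABLE_SUFFIXES):
                continue
            ratio = compression_ratio(info.compress_size, info.file_size)
            if info.file_size >= MIN_UNPACKED_BYTES and ratio >= SUSPICIOUS_RATIO:
                findings.append((info.filename, info.file_size, round(ratio, 4)))
    return findings


def build_sample_archive():
    """Constructed test data: one padded 'installer' and one dense DLL."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        # 16 KB of random bytes followed by 8 MB of repeated filler bytes.
        padded = os.urandom(16 * 1024) + b"\x00" * (8 * 1024 * 1024)
        zf.writestr("Setup.exe", padded)
        # 2 MB of random bytes barely compresses, like dense real content.
        zf.writestr("helper.dll", os.urandom(2 * 1024 * 1024))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name, size, ratio in flag_padded_members(build_sample_archive()):
        print(f"{name}: {size} bytes unpacked, {ratio:.2%} compression")
```

A high ratio alone is not proof of malware, since legitimately sparse files also compress well, so a hit is a reason to inspect the file further rather than a verdict.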
How to avoid malware
Given the rise in cybercrimes, you are advised to be very cautious and to avoid downloading anything from unofficial sources. When upgrading to Windows 11, download it from Microsoft only.