Windows 11 Upgrade on mind? Beware, don't click on fake installer! Avoid big Malware risk

Fake Windows 11 Upgrade Installer is being used by cybercriminals to infect your computer with RedLine Malware. Stop it this way.

By: HT TECH
| Updated on: Aug 22 2022, 00:01 IST
Fake Windows 11 Upgrade Installer can infect your computers with RedLine Malware. (microsoft.com)

Digitalization got a massive boost in the country during the pandemic, but it has also led to an increase in cybercrime. Cybercriminals are now targeting people with a fake Windows 11 installer. The final phase of the Windows 11 upgrade was announced on January 26, 2022. A day after the announcement, on January 27, a malicious actor registered the domain windows-upgrade[.]com, according to the HP Threat Research team. Cybercriminals used this domain to spread malware by tricking users into downloading and running a fake Windows 11 installer.

According to a blog post by the HP Threat Research team, "The domain caught our attention because it was newly registered, imitated a legitimate brand and took advantage of a recent announcement. The threat actor used this domain to distribute RedLine Stealer, an information stealing malware family that is widely advertised for sale within underground forums."

"The attackers copied the design of the legitimate Windows 11 website, except clicking on the “Download Now” button downloads a suspicious zip archive called Windows11InstallationAssistant.zip. The file was hosted on Discord's content delivery network," it added.

The researchers found that the suspicious archive is small, only 1.5 MB, and contains six Windows DLLs, an XML file and a portable executable. After decompressing the archive, they found a folder with a total size of 753 MB. The executable Windows11InstallationAssistant.exe was the largest file at 751 MB.

"Since the compressed size of the zip file was only 1.5 MB, this means it has an impressive compression ratio of 99.8%. This is far larger than the average zip compression ratio for executables of 47%. To achieve such a high compression ratio, the executable likely contains padding that is extremely compressible," the blog post read.
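The size check the researchers describe can be done on a downloaded archive without unpacking it. The following is an added example, not code from HP or from this article; the thresholds, function names and the sample archive are assumptions constructed for illustration.

```python
import io
import os
import zipfile

# Assumed triage thresholds (not from the HP report); tune for your environment.
RATIO_THRESHOLD = 0.95
MIN_UNPACKED = 50 * 1024 * 1024
EXEC_EXT = (".exe", ".dll", ".scr")


def compression_ratio(compressed, uncompressed):
    """Fraction of space saved, as in the article: 1.5 MB -> 753 MB is ~0.998."""
    return 0.0 if uncompressed == 0 else 1 - compressed / uncompressed


def triage_zip(source, ratio_threshold=RATIO_THRESHOLD, min_unpacked=MIN_UNPACKED):
    """Flag executables that unpack large yet compress almost to nothing.

    Only the archive's directory is read; nothing is extracted or executed.
    The sizes used are the values declared in the archive itself.
    """
    findings = []
    with zipfile.ZipFile(source) as zf:
        for info in zf.infolist():
            if info.is_dir() or not info.filename.lower().endswith(EXEC_EXT):
                continue
            ratio = compression_ratio(info.compress_size, info.file_size)
            if info.file_size >= min_unpacked and ratio >= ratio_threshold:
                findings.append({"name": info.filename,
                                 "packed": info.compress_size,
                                 "unpacked": info.file_size,
                                 "ratio": round(ratio, 4)})
    return findings


def build_sample():
    """Constructed sample: one executable padded with zero bytes, one normal DLL."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        padded = b"MZ" + os.urandom(4096) + b"\x00" * (8 * 1024 * 1024)
        zf.writestr("Setup.exe", padded)
        zf.writestr("helper.dll", b"MZ" + os.urandom(64 * 1024))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    # The sample is only 8 MB unpacked, so lower the size floor for the demo.
    for finding in triage_zip(build_sample(), min_unpacked=1024 * 1024):
        print(finding)
```

A hit is a reason to look closer, not a verdict: some legitimate installers also compress well, so combine the result with the download source and signature checks.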

How to avoid malware

Given the rise in cybercrime, be very cautious and avoid downloading anything from unofficial sources. When upgrading to Windows 11, download it from Microsoft only.

First Published Date: 11 Feb, 13:08 IST