Fake Windows 11 installer targets passwords, credit card and crypto wallet

Over a billion machines are running some version of Microsoft Windows. The reach of operating systems expanded further when Windows 11 entered the market.

But not everyone is able to upgrade to the new version. This is because some older computers do not meet the minimum system requirements to run Windows 11. Tap or click here to see if your PC meets the minimum system requirements.

Not having a compatible PC has led some people to seek out unofficial copies of the operating system. Bad idea. Keep reading to find out how a fraudulent installer puts your credentials and finances at risk.

Here is the backstory

If your system is too old to run Windows 11, it is best to get a new PC. Trying to bypass the installation process and searching for unofficial installers might lead you to spoofed websites.

And that’s exactly what happened when HP’s threat research team found a domain that, on the face of it, appears to be a legitimate Microsoft website. But the windows-upgraded.com domain hides a dangerous secret.

This spoofed site is complete with Microsoft branding, images, and design similar to an official Microsoft site. Unsuspecting visitors would see a Download Now button on the landing page, offering a free copy of Windows 11.

A Zip file is downloaded to your machine if you press the button. The problem is that the download is not Windows 11 at all. Instead, it is dangerous malware called RedLine used by cyber criminals to steal credentials, browser cookies, banking information and cryptocurrency wallet data.

Here’s a screenshot from HP Threat Research showing what the site looks like:

Windows 11
Credit: HP Threat Research

“It collects various information about the current environment, such as user name, computer name, installed software and hardware information. The malware also steals passwords stored in web browsers , auto-complete data such as credit card information, and cryptocurrency files and wallets,” HP Threat Research explained in a blog post.

Fortunately, the spoofed site has been removed. But there will be others, so you need to know how to stay protected.

How to Avoid Malware

Cybercriminals are extremely good at spoofing official websites and communications. This is why you should be careful and avoid third party sites or app stores. And always beware of phishing emails and text messages and avoid clicking on links in an unsolicited message.

One of the ways victims found this spoofed website claiming to offer a copy of Windows 11 was through ads found on social media. Never trust social media ads! Most of the time, you will either end up with a device infected with malware, or you will buy an item and receive a fraudulent product if you receive anything.

If you want to upgrade to Windows 11, do it only through the updater on your PC or from the official Microsoft website. Here is a link to the official Windows 11 upgrade page.

You should also have reliable antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for just $19 at ProtectWithKim.com. That’s over 85% off the regular price.

keep reading

Malware Exposes Saved Passwords in Browsers – Check Your Data Now

7 new tips and tricks to make Windows 11 more useful

Comments are closed.