Unofficial Windows 11 Upgrade Installs Info-Stealing Malware
Hackers are tricking users into installing a bogus Windows 11 upgrade that includes malware which collects browser data and cryptocurrency wallets. The campaign is still active, and it works by poisoning search results to drive traffic to a website that mimics Microsoft's Windows 11 promotional page and offers the info-stealer.
Users can use Microsoft's upgrade tool to see if their machine is compatible with the company's most recent operating system (OS). Support for the Trusted Platform Module (TPM) version 2.0, which is found on PCs less than four years old, is one of the requirements.
The hackers are preying on people who rush to install Windows 11 without first learning that the OS has certain requirements. At the time of writing, the rogue website advertising the fake Windows 11 was still active. It includes the official Microsoft logos, favicons, and an inviting "Download Now" button.
If a visitor accesses the malicious website directly (download is not possible via Tor or VPN), they will receive an ISO file containing the executable for a new data-stealing malware. CloudSEK threat researchers analyzed the malware and shared a technical report with us confidentially.
According to CloudSEK, the threat actors behind this campaign are using a new malware called "Inno Stealer", so named because it uses the Inno Setup Windows installer. According to the researchers, Inno Stealer has no code in common with other currently circulating info-stealers, and there is no evidence of the malware having been uploaded to the VirusTotal scanning site.
Avoid downloading ISO files from unknown sites. Instead, perform major OS upgrades through the Windows 10 control panel or by obtaining the installation files directly from the source.
Blacktown IT.