Hackers Using Fake Windows 11 Upgrade To Steal Data

Windows is part of the daily routine for many of us. Its user-friendly interface makes it easy to use, and it is now the go-to choice for daily work or personal use. However, these features need constant updates, which means the company rolls out new features every other week. Some people keep their devices updated, while others get annoyed at the update window constantly popping up while they are working. Hackers may have just found a vulnerability in the Windows system and are now making use of it to steal your data!

Reportedly, hackers try to steal your data by embedding malware in a fake Windows 11 upgrade and sending it your way. So far, the malware has been reported to steal browser data and cryptocurrency wallets. According to CloudSEK's findings, the campaign is currently active. It works by luring users to a fake website that resembles Microsoft's official one. Once you are there, the website asks for personal information before presenting a page to download the apparent update. This allows the hacker to get your email address and an array of social data.

Via: BleepingComputer

Why is it so easy for users to fall for this scam? Microsoft recently provided a tool that lets you check whether your system can support the new update. One of the requirements is that your system supports Trusted Platform Module (TPM) version 2.0. Machines that are older than four years do not support the new tool. The hackers are exploiting everyday laziness: many people do not bother checking whether their system supports the update and will blindly trust any link that comes their way that slightly resembles Microsoft's.

Reportedly, the fake website is still up and running. Its resemblance to the official Microsoft website is uncanny: it uses the same logos, taglines and content, and the Download Now button is a copy of the official one. No one has the time to check whether the website is authorized or not, especially when it bears such a resemblance to the real one! The malware affected so many people that officials are now looking into the matter and sharing their findings.

CloudSEK researchers took it upon themselves to dissect the malware and provide insights into how it affects users. The malware earned the name Inno Stealer because it uses the Inno Setup Windows installer. The researchers report that this malware does not share any similarities with other information-stealing malware currently on the internet. Moreover, the malware has not yet been uploaded to the VirusTotal scanning platform. This explains why many people with antivirus on their system are not able to detect the malware-infested update either.

How can one stay safe? Experts suggest that one should only download updates from the control panel of Windows 10. Make sure you check the website's legitimacy and be on the lookout for anything suspicious.
