The latest version of Windows, the popular operating system for computers, has become the new focus of cybercriminal campaigns seeking to spread malware that steals sensitive user data.
On January 27, one day after Microsoft announced the final phase of the Windows 11 update, HP’s threat research team detected that a malicious actor had registered the domain windows-upgraded[.]com.
The purpose of this URL (which has since been taken down) was to trick users into downloading and running a fake program that allegedly offered the latest version of the OS, but what it actually did was install malware on the device.
The malware in question is RedLine Stealer, a family of malware that steals personal information, such as login credentials, credit cards, and application data, and then puts it up for sale on underground Internet forums.
To make the deception more believable, the attackers completely copied the design of the legitimate Windows 11 website. However, clicking the "Download Now" button returned a suspicious compressed folder called Windows11InstallationAssistant.zip.
The archive was only 1.5 MB in size and contained six Windows DLL files, an XML file and a portable executable. Once unzipped, it produced a folder with a total size of 753 MB.
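The size mismatch described above, a 1.5 MB download that unpacks to 753 MB, can be checked without extracting anything. The following is an added example, not code from HP's research or from the original article: it reads the sizes declared in a ZIP's central directory and flags members that expand abnormally. The thresholds, the member names and the sample archive are assumptions constructed for illustration.

```python
import io
import os
import zipfile

# Assumed thresholds for illustration; tune them for your own environment.
MAX_RATIO = 100                  # uncompressed / compressed size considered suspicious
MIN_UNPACKED = 10 * 1024 * 1024  # ignore members smaller than 10 MB once unpacked


def inflated_members(zip_bytes, max_ratio=MAX_RATIO, min_unpacked=MIN_UNPACKED):
    """Return (name, compressed, uncompressed, ratio) for abnormally expanding members.

    Only the sizes declared in the archive's central directory are read;
    no member is extracted or executed.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size < min_unpacked:
                continue
            ratio = info.file_size / max(info.compress_size, 1)
            if ratio >= max_ratio:
                findings.append(
                    (info.filename, info.compress_size, info.file_size, round(ratio))
                )
    return findings


def build_sample():
    """Constructed sample archive: one small member and one executable-like
    member followed by 16 MB of repeated bytes, which compress to almost nothing."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("helper_sample.dll", os.urandom(4096))
        padded = b"MZ" + os.urandom(1024) + b"\x00" * (16 * 1024 * 1024)
        zf.writestr("installer_sample.exe", padded)
    return buf.getvalue()


if __name__ == "__main__":
    for name, packed, unpacked, ratio in inflated_members(build_sample()):
        print(f"{name}: {packed} B -> {unpacked} B (x{ratio})")
```

A mail or web gateway can apply the same check to downloaded archives and quarantine those that trip it for manual review.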
To avoid falling victim to this type of fraud, it is recommended to download any content directly from official websites and other trusted sources.