Researchers at CloudSEK, a Bengaluru-based cyber security and machine intelligence firm that provides intelligence to counter online threats, have discovered a fake Windows 11 update that downloads malware onto the user's PC or laptop to steal browsing data and crypto wallets' login and transaction information.
The fraudulent website seamlessly offers users a fake version of the Windows 11 update without stating the prerequisite for installing Windows 11.
Users lured by this offer fall victim to a cyberattack: the website downloads malware onto the target PC or laptop to steal important private data and passwords.
Microsoft has announced that Windows 11 is one of the safest and most trustworthy upgrades in Windows history. It comes with a heavy set of requirements that are a must for installing the latest update.
One of the most famous and talked-about changes that Windows 11 brings is that the system must support Trusted Platform Module (TPM) version 2.0. This has left even the latest PCs and laptops unable to install Windows 11.
How to differentiate between genuine and fake Windows 11:
A lot of people are looking to avoid the TPM 2.0 requirement and somehow get their hands on Windows 11 to install it on their computers. This has led to thousands of internet searches for variations of the Windows 11 update that can be installed without meeting the prerequisite.
The website that CloudSEK has identified looks very similar to Microsoft's official website, but the difference can be seen when one looks closely. For starters, the URL differs from that of the original Microsoft website, and the artwork and logos are designed to look similar and deceive potential customers.
If a user falls into the trap and clicks the "Download Now" button, the site prompts them to download an ISO file that contains malware for stealing browsing data, passwords and logins.
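The URL check described above can be automated before any download is followed. The following is an added example, not code from CloudSEK or the original article; the trusted-domain list is an assumption, and the sample URLs under the reserved `.example` TLD are constructed for illustration.

```python
from __future__ import annotations
from urllib.parse import urlsplit

# Assumption: only hosts inside these domains count as official Microsoft sources.
TRUSTED_DOMAINS = ("microsoft.com",)

def check_download_url(url: str) -> tuple[bool, str]:
    """Return (trusted, reason) for a link that claims to offer Windows 11."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not served over HTTPS"
    if not host:
        return False, "no hostname"
    # "https://www.microsoft.com@other.example/" really points at other.example.
    if parts.username or parts.password:
        return False, "userinfo before '@' hides the real host"
    # Lookalike letters from other alphabets show up as punycode or raw Unicode.
    if any(label.startswith("xn--") for label in host.split(".")):
        return False, "punycode hostname (possible lookalike)"
    if not host.isascii():
        return False, "non-ASCII hostname (possible lookalike)"
    # Match on a label boundary so "notmicrosoft.com" and
    # "microsoft.com.other.example" are both rejected.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return True, f"host is within {domain}"
    return False, f"host '{host}' is outside the trusted domains"

# Constructed sample links; only the first is on a Microsoft domain.
SAMPLES = [
    "https://www.microsoft.com/software-download/windows11",
    "http://www.microsoft.com/software-download/windows11",
    "https://www.microsoft.com.windows11-upgrade.example/",
    "https://www.microsoft.com@windows11-upgrade.example/iso",
    "https://notmicrosoft.com/windows11",
    "https://www.micros\u043eft.com/windows11",  # Cyrillic 'o'
]

if __name__ == "__main__":
    for sample in SAMPLES:
        trusted, reason = check_download_url(sample)
        print(f"{'OK  ' if trusted else 'FLAG'} {sample!r}: {reason}")
```

A passing result only means the link points at a Microsoft domain; it says nothing about a file obtained from anywhere else.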
How does the malware work?
The malware downloaded by the fake website creates temporary files on the infected device. Later, the files multiply and disable various protective features and security products, such as the Windows registry, Windows Defender, ESET, and Emsisoft.
These files then run rampant on the infected device to locate passwords, browsing history and crypto information, which is sent directly to the hackers behind the fake website. Therefore, to stay safe from such threats, users must buy a device capable of satisfying all the requirements for installing Windows 11.