Warning: this fake Windows 11 upgrade is filled with malware
Date:
Tue, 19 Apr 2022 10:58:16 +0000
Description:
Don't install this Windows 11 upgrade: it contains malware that could steal your data.
FULL STORY ======================================================================
Security researchers have found a fake Windows 11 upgrade website that promises to offer a free Windows 11 install for PCs that don't meet the minimum specifications, but actually installs data-stealing malware.
Windows 11 has some interesting requirements to run, and its most famous demand is for Trusted Platform Module (TPM) version 2.0 support. This has led to perfectly capable, and powerful, PCs and laptops being unable to upgrade to Windows 11, as they did not meet the minimum specifications.
Understandably, this annoyed people with relatively new hardware that couldn't upgrade to the latest version of Windows, and many looked at ways of circumventing the TPM 2.0 requirement to install Windows 11 on their unsupported devices.
It's these people that this new threat is targeting, as Bleeping Computer reports.

Looking legitimate
While the website's address (URL) should be a red flag (we won't mention it here), as it's clearly not a Microsoft website, the actual website itself does look like an official Microsoft website, using logos and artwork that make it difficult to tell it apart from a real Microsoft page.
However, as security researchers CloudSEK discovered by clicking the Download now button, the website downloads an ISO file that contains malware.
This malware, called Inno Stealer, uses a part of the Windows installer to create temporary files on an infected PC. These create processes that run and place four additional files on your PC, some of which contain scripts that disable various security features, including in the Windows registry. They also tweak the built-in Windows Defender anti-virus, and remove other security products from Emsisoft and ESET.
Other files then run commands at the highest system privileges, while yet another file is created in the C:\Users\\AppData\Roaming\Windows11InstallationAssistant folder, and it's this file that contains the data-stealing code, named Windows11InstallationAssistant.scr. This then takes information from web browsers, as well as cryptocurrency wallets, stored passwords and files from the PC itself. This stolen data is then sent to the malicious users who created the malware.
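A triage check for the two artifacts named above: the Windows11InstallationAssistant folder under AppData\Roaming and the Windows11InstallationAssistant.scr file inside it. This is an added example, not code from the article or from CloudSEK; it assumes the path component missing from the quoted path is the per-user profile folder, and scan_profiles and its helper are names chosen here.

```python
import hashlib
from pathlib import Path

# Names taken from the article; matched case-insensitively so the check also
# works on a disk image mounted on a case-sensitive filesystem.
IOC_DIR = "windows11installationassistant"
IOC_FILE = "windows11installationassistant.scr"


def _child(parent, name):
    """Return the entry of `parent` whose name equals `name` ignoring case, or None."""
    try:
        for entry in parent.iterdir():
            if entry.name.lower() == name:
                return entry
    except OSError:  # unreadable, missing, or not a directory
        pass
    return None


def scan_profiles(users_root):
    """Check every profile under users_root for the stealer's folder and .scr file.

    Assumption: the component missing from the article's path is the per-user
    profile directory, so every directory under users_root is checked.
    """
    root = Path(users_root)
    if not root.is_dir():
        return []
    findings = []
    for profile in sorted(root.iterdir()):
        appdata = _child(profile, "appdata")
        roaming = _child(appdata, "roaming") if appdata else None
        folder = _child(roaming, IOC_DIR) if roaming else None
        if folder is None or not folder.is_dir():
            continue
        scr = _child(folder, IOC_FILE)
        digest = None
        if scr is not None and scr.is_file():
            # Hash the file so it can be reported or looked up without running it.
            digest = hashlib.sha256(scr.read_bytes()).hexdigest()
        findings.append({"profile": profile.name, "folder": str(folder),
                         "scr": str(scr) if digest else None, "sha256": digest})
    return findings


if __name__ == "__main__":
    for hit in scan_profiles(r"C:\Users"):
        print(hit)
```

Pointing it at the Users directory of a mounted disk image allows the same check without booting the suspect machine.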
Pretty nasty stuff.

Analysis: Be careful what you wish for
The scale of the infection here, and what it's able to steal from you, is very scary, but the good news is that it's easy to avoid.
No matter how desperate you are to install Windows 11, you should only download ISO files from sources you are absolutely certain are legitimate. While the makers of this malware have put in a lot of work to make the website look legitimate (like many so-called phishing attacks), there are some tell-tale signs, such as the aforementioned URL, which highlights that this is not a genuine Microsoft website.
If your PC is eligible for a Windows 11 upgrade, you'll be alerted via Windows Update, a tool that's built into Windows operating systems. This is the safest way to ensure you are downloading and installing a genuine copy of Windows 11.
If your PC isn't eligible, due to not meeting the TPM 2.0 requirements, then there are some safer ways to install Windows 11 without TPM anyway. But we don't really recommend any of them, especially as Microsoft is making it harder to run Windows 11 on unsupported systems, which could mean you miss out on important updates, security fixes and features in the future.
Above all, however, you should never attempt to download and install a Windows 11 ISO file from any website that isn't run by Microsoft itself.

Find out how to safely install and download Windows 11.
======================================================================
Link to news story:
https://www.techradar.com/news/warning-this-fake-windows-11-upgrade-is-filled-with-malware/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)