[BreachExchange] Fake Windows 11 installers infecting devices with adware, malware

Sophia Kingsbury sophia.kingsbury at riskbasedsecurity.com
Mon Jul 26 12:39:50 EDT 2021


https://www.hackread.com/fake-windows-11-installers-adware-malware/

Windows 11 isn’t yet released, but hackers seem to be too inclined to
exploit its release by providing fake, malware-infected downloads and
previews of the new operating system. According to Kaspersky’s latest
report, there has been a significant rise in the volume of bogus Win 11
installers.

Moreover, cybercriminals are offering users a link to this malicious Win11
installer, promising them to evade the Microsoft Insider testing ring that
currently can access the upcoming OS. Kaspersky revealed that several
hundred infection attempts had been observed lately.

Fake Installers Designed to Deliver Malware

Reportedly, these fake Win 11 downloaders are delivering adware and malware
payloads on computers. According to the vice president of threat research
at Kaspersky, Anton Ivanov, a majority of these fake Win 11 installers pose
as a downloadable file appearing to be a genuine MS Windows installer as
far as size and structure are concerned.

Though Microsoft has made the process of installing/downloading Win11
through its official site relatively straightforward, many are still
visiting other unofficial sources to download the OS and fall prey to
malware-laden software instead of downloading the new Windows.

For instance, some hackers offer an executable file titled 86307_windows 11
build 21996.1 x64 + activator.exe. This file is 1.75GB in size and appears
genuine Windows downloader. But, most of this space comprises one DLL file
containing useless information.

When this file is executed, according to Kaspersky’s blog post, a standard
Windows installation wizard appears, but its primary purpose is to download
and run the second, more problematic executable, which is also an installer
and comes with a license agreement and installs sponsored software.
Accepting the agreement means different types of malicious software will
get installed on the device.

Remember the Date

Windows 11 will be available for download for all Windows users in early
2022. However, last month Microsoft released it for customers who have
enrolled in the Insider program at the official unveiling of the new
Windows version.

Remember, this will be Microsoft’s biggest software update in the past six
years, and the new OS comes with many new features and tweaks. It is
recommended that you wait for its official release rather than trying to
install a prerelease build, as you may end up downloading some type of
malware.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210726/058694bc/attachment.html>


More information about the BreachExchange mailing list