Attackers have been trying to compromise user devices since long before Windows 11 arrived. One method is to create fake Windows 11 files, which users unknowingly download, exposing themselves to malware. (via Neowin)
A blog post by Threat Research describes one such case:
We recently analyzed one such lure, namely a fake Windows 11 installer. On 27 January 2022, the day after the final phase of the Windows 11 upgrade was announced, we noticed a malicious actor registered the domain windows-upgraded[.]com, which they used to spread malware by tricking users into downloading and running a fake installer. The domain caught our attention because it was newly registered, imitated a legitimate brand, and took advantage of a recent announcement. The threat actor used this domain to distribute RedLine Stealer, an information stealing malware family that is widely advertised for sale within underground forums.
Many people have fallen victim to this RedLine Stealer scam because the fake site is quite similar to Microsoft’s official website.
Note: The fake website is displayed as windows-upgraded[.]com.
The two sites are actually quite similar; the difference appears when you click the download now button. The download starts and “Windows11InstallationAssistant.zip” is downloaded. In the file analysis conducted by Threat Research, the 1.5MB zip file was decompressed, expanding to 753MB.
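The size jump described above (1.5MB compressed, 753MB unpacked, roughly 500:1) can be checked from the archive's own metadata before anything is extracted. The following Python is an added example, not code from Threat Research or Neowin; the 100:1 threshold, the entry names and the sample archive are constructed assumptions.

```python
import io
import zipfile

RATIO_THRESHOLD = 100  # assumed cut-off; the archive in the article is roughly 500:1


def triage_zip(data, ratio_threshold=RATIO_THRESHOLD):
    """Report per-entry sizes from the ZIP central directory without extracting."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Sizes are the values declared in the archive; nothing is unpacked.
            ratio = info.file_size / max(info.compress_size, 1)
            findings.append({
                "name": info.filename,
                "compressed": info.compress_size,
                "uncompressed": info.file_size,
                "ratio": round(ratio, 1),
                "suspicious": ratio >= ratio_threshold,
            })
    return findings


def build_sample():
    """Constructed sample: one highly compressible 'installer' and one text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        # Constructed content: a 2-byte header followed by 4 MiB of zero bytes.
        zf.writestr("installer.exe", b"MZ" + b"\x00" * (4 * 1024 * 1024))
        zf.writestr("readme.txt", "Constructed sample text.\n")
    return buf.getvalue()


if __name__ == "__main__":
    for f in triage_zip(build_sample()):
        flag = "SUSPICIOUS" if f["suspicious"] else "ok"
        print(f'{f["name"]:<15} {f["compressed"]:>8} -> {f["uncompressed"]:>9} '
              f'({f["ratio"]}:1) {flag}')
```

A high ratio alone is a triage signal, not a verdict: flagged archives still need inspection in an isolated environment.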
Users should therefore be extremely vigilant when upgrading to Windows 11 and should download Windows upgrades only from Microsoft, using Windows Update. This will help protect the files and personal information on your device.