This Fake windows 11 installer Is Infected with Redline Stealer Malware, Beware

Window 11 is a major upgrade many windows 10 users cannot get from the official Microsoft distribution channel due to hardware incompatibilities.

On October 5 2021, Microsoft released Windows 11 to the public, where TPM 2.0 was one of the requirements to make it run. Unfortunately, most systems do not support the TPM 2.0

This has made many windows 10 users who tried upgrading to windows 11 fall victim to this dangerous Redline Stealer malware. The threat actors have started distributing the fake windows 11 upgrade installer to users of Windows 10 tricking them into installing the redline stealer malware.

The redline stealer is the most widely deployed password, browser cookies, credit card and Cryptocurrency info reader. So, it’s very dangerous and has adverse effects on the victim.

This PC Application Can Save Your Eyes From Defects

How does the Redline Stealer works?

According to the researchers at HP, they spotted the campaign the threat actor used which was a legitimate “windows-upgrade.com” domain.

The website is a clone of the official Microsoft website and on clicking the download button, you will receive a 1.5MB Zipped file name “Windows11InstallationAssistant.zip”

Decompressing the file you have a folder of 753MB, when the victim launches the executable file, a cmd.exe is launched and after 21 seconds, it starts running a DLL Redline stealer payload that connects to the command and control server via TCP

Someone reported having seen the threat actor use a different domain name on Google ads with 301 redirects to the distribution website. However, the distribution website is down but nothing stops the threat actor from getting a new domain to strike the attack again.

IObit Driver Booster PRO 8.4.0.432 Crack Full Torrent Free Key (2021) (WORKING)

Since all these malicious websites are distributed through social media and forums, you need to take precautions and pay attention only to the official windows upgrade alerts.

Via

close

Join our Email list and receive Exclusive updates

we don't spam,we send relevant contents only

JOIN US ON TELEGRAM FOR LATEST UPDATES


FOLLOW US ON TWITTER | FACEBOOK | INSTAGRAM

Leave A Reply

Please enter your comment!
Please enter your name here