Fraudsters explore curiosity about the release of Windows 11 to distribute fake OS installers stuffed with malware, adware and other threats, Kaspersky Lab reports.
Despite the fact that the process of downloading and installing Windows 11 from the official Microsoft website is very simple and straightforward, the researchers say that many are still trying to download the new OS from third-party sources, and cybercriminals are happy to offer such people their “services”.
Hiding behind Windows 11, cybercriminals most often distribute malware downloaders designed to deliver other malware to victims’ computers.
For example, scammers distribute a certain executable file called 86307_windows 11 build 21996.1 x64 + activator.exe, which weighs as much as 1.75 GB, so that it seems to the user that the operating system can really have such a volume. In fact, the bulk of this volume is occupied by a certain file with the extension .dll, which contains a lot of useless information that is not used in any way during the installation.
If you open such an executable file, the installer will start, which looks like a normal installation wizard for Windows. Its main purpose is to download and run a second, more interesting file. It is also an installer, and it even has a license agreement, which says that along with the “download manager for 86307_windows 11 build 21996.1 x64 + activator”, a number of “sponsored programs” will be installed on the computer.
Researchers remind that currently Windows 11 is available only to members of the Windows Insider program, that is, to install it, you first need to register in this program.
You will also need a device with Windows 10 already installed. On that device, go to Settings, click on Updates and Security, and then select Windows Insider and activate the Dev Channel there to get an update to Windows 11.
Let me remind you that I also recently talked about the fact that Vulnerability in Windows 10 could allow gaining administrator privileges.