Fake Windows 11 Installer Injects RedLine Stealer Malware

Must Read
Sienna Rowley
Sienna Rowley
Sienna is an editor at Cloud Host News. She is an internet enthusiast, always eager to explore the latest trend in the tech space. She is a modest family woman who loves traveling in her free time.

Threat actors are running campaigns to spread fake Windows 11 installers on the internet.

According to cybersecurity researchers from HP, hackers are mimicking the installer to inject RedLine Stealer malware that can steal credentials, cryptocurrency wallet information, data of credit card, browser info, etc.

Additionally, researchers at HP noted that the actors had timed their campaign quite well; lately, Microsoft announced that it is offering a Windows 11 upgrade to every eligible device through the Windows Update.

And, malicious actors have leveraged this phase by setting up a domain named windows-upgraded.com that imitates Microsoft. Though this domain has been taken down, several others need to be discovered.

The fake websites consisted of a 1.5 MB zip file named Windows11InstallationAssistant.zip; when downloading files from such sites, the users end up installing malware instead of the genuine installer.

The RedLine malware is so dangerous that it can easily steal cryptocurrency wallet information and target FTP and IM clients. Furthermore, the malware is also capable of uploading, downloading files, and executing commands to communicate with its C2 server.

We suggest our readers download upgrades and updates from Microsoft’s official website. By doing so, you can keep your system safe from malware and other threats.

Looking for more Microsoft news? Signup for our newsletter for the latest update.

- Advertisement -spot_img
Latest News

SparkyLinux 6.6 Now Available to Download

Debian-based GNU/Linux distro, SparkyLinux has got a new update Sparky 6.6 named as Po Tolo. Based on Debian 11, Sparky...
- Advertisement -spot_img

More Articles Like This