Beware: a fake site tricks those who want to download Windows 11

Researchers at CloudSEK Information Security have spotted a malicious website that aims to deceive people who want to upgrade their computers' operating systems to Windows 11, while in fact stealing their browsing data and cryptocurrency wallets.

According to "Bleeping Computer", the fake site is carefully designed to copy the official Windows 11 promotional page on Microsoft's site.

The fake site promises its visitors a direct download of Microsoft's latest operating system for personal computers, without mentioning any details about the basic requirements that the user's computer must meet to run it.

What is suspicious is that analysis of the site data shows visits by hundreds of thousands of users from around the world, who may have been deceived into trying to get free copies of Microsoft's latest operating system.

Fake Windows 11 file carries security risks

According to a report published by The Verge, the site is indexed normally in Google search results, so when someone searches for a way to get a free copy of Windows 11, they can reach the fake site.

When the user clicks to download the free version of the system, the site starts downloading an ISO file just as Microsoft's does, but the file contains the Inno Stealer malware.

The file first disables the security programs on the victim's computer, from the official Windows Defender security system to the most advanced programs of other companies, and at the same time disables the Registry privacy settings before the attack on the victim begins.

The files create a connection between the victim's computer and the hacker's server, and start transferring the data stored by the victim's internet browser, from the history and addresses of visited websites and stored cookies to the usernames and passwords saved in the browser for various websites.

The malicious files are programmed to search first for data from cryptocurrency wallet sites, in case the victim uses any of them, in order to steal the wallets. They then try to access online banks or sites that keep bank card data used for purchases.


