Published 18:11 IST, February 13th 2022

HP cybersecurity researchers find fake Windows 11 installer that contains malware

When a user downloads the fake Windows 11 installer, they get a file called "Windows11InstallationAssistant.zip" which weighs 1.5MB. It contains malware.

Reported by: Shikhar Mehrotra

California-based computer manufacturer HP has discovered a fake Windows 11 installer application that is loaded with malware. The fake installer is circulating on the internet carrying RedLine Stealer, malware that is capable of stealing users' personal information once it is downloaded onto a computer. Keep reading to learn more about the malware, how it gets onto a PC, and how to avoid being infected.

As mentioned above, the RedLine Stealer malware is capable of stealing users' personal information, including passwords, browsing history, banking information and cryptocurrency wallet details. Some users might also have secondary information linked with their computer or with the applications and accounts stored on it. These malware-loaded Windows 11 installers are circulating on malicious websites and can get onto a PC once downloaded and installed.

Bad actors are floating malware via fake Windows 11 installers

Along with Windows 11, Microsoft raised the basic system requirements for upgrading to the OS. While all Windows 10 users are eligible for a free update to Windows 11, not everyone's PC meets the hardware requirements. The authentic installer program detects hardware incompatibility and informs the user, whereas the fake Windows 11 installer pretends to download the new operating system anyway.

When a user downloads the fake Windows 11 installer, they get a file called "Windows11InstallationAssistant.zip" which weighs 1.5MB. The zip file contains about six Windows DLLs, one XML file and an executable file. Once users decompress the archive, they get a folder that weighs 753MB. The archive has an unusually high compression ratio, and it contains the RedLine Stealer malware. The details have been revealed by researchers at HP.
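The size mismatch described above (a 1.5MB archive expanding to 753MB) can be checked from a zip's central directory without extracting anything. The Python below is an added example, not code from HP's research; the thresholds, function names and the in-memory sample archive are assumptions constructed for illustration, and it goes beyond the article by flagging individual members as well as the whole archive.

```python
import io
import os
import zipfile

# Assumed thresholds for this example; tune them for your own environment.
RATIO_THRESHOLD = 100        # uncompressed:compressed ratio treated as anomalous
MIN_UNCOMPRESSED = 1 << 20   # skip members under 1 MiB, where ratios are noisy

def suspicious_members(zip_source, ratio_threshold=RATIO_THRESHOLD,
                       min_uncompressed=MIN_UNCOMPRESSED):
    """Return [(name, uncompressed_size, ratio)] for members whose declared
    sizes imply an anomalous ratio. Only metadata is read; nothing is
    extracted or executed."""
    findings = []
    with zipfile.ZipFile(zip_source) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size < min_uncompressed:
                continue
            ratio = info.file_size / max(info.compress_size, 1)
            if ratio >= ratio_threshold:
                findings.append((info.filename, info.file_size, round(ratio)))
    return findings

def archive_ratio(zip_source):
    """Overall uncompressed:compressed ratio across all members."""
    with zipfile.ZipFile(zip_source) as zf:
        infos = zf.infolist()
        total = sum(i.file_size for i in infos)
        packed = sum(i.compress_size for i in infos)
    return total / max(packed, 1)

def build_sample():
    """Constructed sample: one incompressible member and one member that is
    mostly repetitive filler, which gives it a very high ratio."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("normal.dll", os.urandom(2 * 1024 * 1024))
        filler = b"\x00" * (16 * 1024 * 1024)
        zf.writestr("padded.exe", os.urandom(16 * 1024) + filler)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    sample = build_sample()
    print(f"overall ratio ~{archive_ratio(sample):.1f}:1")
    for name, size, ratio in suspicious_members(sample):
        print(f"{name}: {size} bytes uncompressed, ratio ~{ratio}:1")
```

A high ratio is only a triage signal, since legitimate archives of sparse or repetitive data also compress well; flagged files still need scanning or sandbox analysis.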

How to prevent the Windows 11 malware?

Once the fake Windows 11 installer is executed, the malware gets onto the computer and can then extract users' personal information. The malware can download and upload files without users' consent, and execute files as well. To prevent this malware from getting onto a PC, users should not download any files from untrusted sources. The official website for downloading the Windows 11 installer is https://www.microsoft.com/software-download/windows11. Downloading Windows 11 from any other source or from malicious websites may lead to the compromise of data and other resources on a computer.
