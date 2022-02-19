Beware: This fake Windows 11 upgrade infects you with malware instead

Hackers created an impressive fake Microsoft site to steal personal info and cryptocurrency.

(PC World (US online)) on

body>

When it comes to computer security, one must remain ever vigilant. If you need a refresher on that lesson, HP's Threat Research department is ready to give you one today. Researchers spotted an incredibly convincing fake website, purporting to offer Windows 11 upgrades straight from Microsoft. Instead it served up a heaping helping of malware.

The scam is actually pretty impressive. The operators of windows-upgraded.com (now decommissioned) copied Microsoft's presentation and style perfectly, with a big friendly download now button for all those interested in an upgrade or clean install. What duped users actually got was a 1.5MB ZIP file containing Windows11InstallationAssistant.exe, which downloads a DLL disguised as a JPEG file.

The end result is the installation of the well-known RedLine Stealer malware suite, dedicated to swiping usernames, passwords, credit card numbers, and cryptocurrency information, among other tasty bits of user data.

Fake windows 11 download site

This fake Windows 11 download site is awfully convincing.

HP

Similar fake downloads for popular bits of software, like the Discord chat program, have been seen before. HP's analysis reminds us to always be wary of download sites, even if they're found via reputable search engines, and always keep that anti-virus scanner running. Oh, and if you want to know how to legitimately download and apply the update for Windows 11, check out our exhaustive guide here.

Michael Crider

Michael Crider

PC World (US online)
