Upgrading to Windows 11? Be careful where you get a copy of the installation media, as there’s an unofficial version out there with malware inside.

Per CloudSEK threat researchers via BleepingComputer, bad actors are manipulating search engines so that their fraudulent websites that are disguised to look like a legitimate Microsoft page for Windows 11 appear among top search results and await unsuspecting users to download their unofficial installer.

Specifically, the actors target users whose computer hardware doesn’t pass Windows 11 requirements but who are nonetheless desperate to upgrade.

Screenshot of windows11-upgrade11.com website | Image: BleepingComputer

Via the compromised installer, the bad actors inject malware called Inno Stealer into the operating system and make the necessary adjustments to disable built-in OS security features and prevent the installation of third-party antivirus software. The malware also acts as spyware and can steal cryptocurrencies and account credentials.

To be safe, always get your Windows installation media at the official website.

Leave a comment

Your email address will not be published. Required fields are marked *