When it comes to computer security, one must remain ever vigilant. If you need a refresher on that lesson, HP’s Threat Research department is ready to give you one today. Researchers spotted an incredibly convincing fake website, purporting to offer Windows 11 upgrades straight from Microsoft. Instead it served up a heaping helping of malware.
The best antivirus suite
Norton 360 Deluxe
Read our reviewPrice When Reviewed:$49.99 for the first yearBest Prices Today:$19.99 at PCWorld Software Store | $49.99 at Norton
The scam is actually pretty impressive. The operators of “windows-upgraded.com” (now decommissioned) copied Microsoft’s presentation and style perfectly, with a big friendly “download now” button for all those interested in an upgrade or clean install. What duped users actually got was a 1.5MB ZIP file containing “Windows11InstallationAssistant.exe”, which downloads a DLL disguised as a JPEG file.
The end result is the installation of the well-known RedLine Stealer malware suite, dedicated to swiping usernames, passwords, credit card numbers, and cryptocurrency information, among other tasty bits of user data.
HP
Similar fake downloads for popular bits of software, like the Discord chat program, have been seen before. HP’s analysis reminds us to always be wary of download sites, even if they’re found via reputable search engines, and always keep that anti-virus scanner running. Oh, and if you want to know how to legitimately download and apply the update for Windows 11, check out our exhaustive guide here.
Author: Michael Crider, Staff Writer
Michael is a former graphic designer who’s been building and tweaking desktop computers for longer than he cares to admit. His interests include folk music, football, science fiction, and salsa verde, in no particular order.
Recent stories by Michael Crider:
Ring of bogus web shops steals 850K credit card numbersIf you get a phone call from LastPass, it’s a scamScraper spies on 600 million Discord users and sells the data