Windows 11 Upgrade Installs Information-Stealing Malware

Cybercriminals are tricking unsuspecting users into installing a fake Windows 11 upgrade that in fact copies malware onto the system, which steals browser data and information about cryptocurrency wallets.

The attackers' campaign is currently active, so you should be especially vigilant about offers to upgrade the OS to Windows 11. The fraudsters promote their sites, which copy the official Microsoft web page, through search results.

As you know, the Redmond corporation offers users a unique tool that helps check a computer's compatibility with the latest version of the operating system. The only condition to run this tool is to have Trusted Platform Module (TPM) version 2.0 installed on computers no older than four years.

The cybercriminals behind the fake upgrade are counting on potential victims not bothering with the requirements of Windows 11 and going straight to installing it. At the time of writing, the malicious site was still functioning, and users could be misled by the logos, the favicon, and the “download now” button.

Windows 11 Upgrade

Incidentally, this button does not work for visitors who connect through TOR or a VPN. Ordinary visitors, by contrast, receive an ISO file containing the info-stealer executable. CloudSEK researchers named this malware “Inno-Stealer”.

Having made its way into the victim’s system, the malware begins collecting information from popular applications, including Chrome, Edge, Brave, Opera, Vivaldi, 360 Browser, and Comodo browsers. Inno Stealer is also interested in the data of cryptocurrency wallets.

In addition, the info-stealer can launch additional malicious programs, but it does so only at night so as not to arouse the user’s suspicions. Inno Stealer may well pull information from the clipboard or replace it.
