Scammers are using fake Microsoft 11 installers to spread malware

The malicious downloads range from relatively innocuous adware to password stealers and trojans.
Launch of Microsoft's Windows 10 in Sydney on July 29, 2015 in Sydney, Australia. (Getty Images)

Windows 11 won’t hit the street until later this year, but that hasn’t stopped hackers from trying to use it to infect victims with malware.

Security firm Kaspersky warned on Friday that crooks were exploiting people overeager to get their hands on the Microsoft operating system update, due for fall release, with fake installers.

“Although Microsoft has made the process of downloading and installing Windows 11 from its official website fairly straightforward, many still visit other sources to download the software, which often contains unadvertised goodies from cybercriminals (and isn’t necessarily Windows 11 at all),” Kaspersky wrote.

Those sarcastic “goodies” range from relatively innocuous adware to password stealers and trojans.

It’s not unprecedented for cybercriminals to use demand for a product or service to take advantage of victims, be it coronavirus contact tracing apps or the Telegram encrypted messaging app.

Microsoft announced Windows 11 in late June, and shortly after made an initial “insider preview” available. Notably, the company has touted security as the top guiding principle for developing the operating system upgrade.

The fake installers are spreading as Microsoft is tussling with several security threats targeting the company.

Microsoft released information last week on how to mitigate the “PetitPotam” attack that could allow takeover of Windows domains, and a workaround for the “SeriousSAM” vulnerability that could give attackers administrative privileges.

The company also warned last week about an evolving cryptocurrency mining malware, LemonDuck, affecting Microsoft machines.

“Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity,” according to a blog post.

Written by Tim Starks

Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he's covered cybersecurity since 2003.
