Connect with us

Microsoft

Watch out for fake Windows 11 installers – they’re riddled with malware

Only download your Windows 11 installers direct from Microsoft.

microsoft windows announcement
Image: Microsoft

Windows 11 is now in “broad deployment for eligible devices,” but be careful where you download it from. The day after Microsoft’s announcement, security researchers noticed a website offering fake Windows 11 downloads that were full of malware.

The website in question was noticed by security researchers at HP. At first glance, the website seemed legitimate. It used Microsoft’s images, was similar in style to the official website, and had the URL “windows-upgraded.com.” Sounds legit, right?

When you clicked on the Download Now button, instead of a Microsoft file you got something else. A 1.5MB ZIP archive named “Windows11InstallationAssistant.zip.” That seems in line with Microsoft’s naming style, although it downloads straight from a Discord CDN (content delivery network).

READ MORE: Microsoft accidentally let anyone upgrade to Windows 11

fake windows 11 website used to distribute malware
Image: HP researchers

Unpacking that file gets you a 754MB file folder, with an executable file inside. Just an FYI, that’s not how Microsoft deals with Windows upgrades anymore. Then again, not everyone has used the new install options to know what they look like.

Running that fake Windows 11 installer file sets a complicated chain of events into action. The end result? RedLine Stealer is installed, which BleepingComputer calls “the most widely deployed password, browser cookie, credit card, and cryptocurrency wallet info grabber.”

The upshot of this? There’s only one official place to get the upgrade to Windows 11 for your PC. That’s direct from Microsoft. Any other source runs the risk of malware, regardless of how legit the website seems.

That said, If your computer is still running an earlier version of Windows, use the PC Health Check app to find out if you can upgrade to Windows 11, and stay away from fakes.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Microsoft