In a shocking new discovery, Windows 11 users have found a website claiming to furnish devices with the latest version of the operating system that, in reality, infects devices that download the update with Windows 11 malware. This specific malicious software is designed to steal your private information. The worst detail about this entire story is that the website looks like an authentic Microsoft page, meaning any unassuming user would need an expert to tell which is the harmful site.
The website is still active at the time of writing, and even more alarming is the fact that the hackers have been able to poison browser search results to ensure that the malicious site shows up in the top searches for Windows 11. The website is complete with Microsoft logos, an authentic ‘download now’ button, and Microsoft’s favicons.
You can upgrade your device to Windows 11 without fear of malicious software by using Microsoft’s built-in Update & Security utility in the Windows 10 settings app. The problem, of course, is that Windows 11 has rather resource-intensive upgrade requirements. In general, if your device is older than 4 years, it may not have the required Trusted Platform Module (TPM) version 2.0. Therefore, the conventional methods to upgrade to Windows 11 will be unavailable to you. In such cases, websites like the fake upgrade site that is the subject of this article hold a certain power over users who desperately want to upgrade to Windows 11 but whose devices don’t make the cut.
CloudSEK, a cyber security and machine intelligence company, has said that the threat actors behind the website and infection campaign are using Inno Stealer, a new malware named for its use of the Inno Setup Windows Installer utility. The loader file for the new malware is the Windows11Setup.exe executable file, which dumps a temporary file onto your system, which in turn creates another.TPM file.
Tech-speak aside, the issue is that the downloaded file first off duplicates itself in various places so that it can’t be fully wiped out; it then goes a step further to implement various security overrides for Microsoft Defender and ESET products so that it doesn’t get picked up as a virus or malware. It then proceeds to steal your most valuable information.
In conclusion, it’s not wise to try and upgrade to Windows 11 from anywhere but the official Update & Security utility. If your device cannot support Windows 11, don’t try and force it to. We have, however, got a guide to installing Windows 11 on unsupported devices the right way, but we wouldn’t recommend doing it. Listen to your device. No means no.