Fake Windows 11 installer is spreading online

Be careful: it steals passwords, bank card data and crypto-currency wallets. 11-67e8946.jpg” alt=”Fake Windows 11 installer distributed online” />

HP cybersecurity experts warned of a new danger for users who want to install Windows 11. They discovered a fake site that looks like the official page of the new OS. It offers to download an alleged system installer, which, as it turned out, contains the RedLine Stealer malware.

The windows-upgrade.com domain was registered a day after the announcement of the final stage of the Windows 11 upgrade. The link to the site is distributed through the exchange system Discord messenger files.

If you click on it and click on the download button, the Windows11InstallationAssistant.zip archive of about 1.5 MB will be saved to your computer. It contains six library files, an XML document, and a portable executable file.

If you unpack the archive and run the installer, RedLine Stealer malware will appear on your computer instead of Windows 11. This pirated software is dangerous because it can collect almost any information about the software and hardware of the computer. It steals saved passwords from browsers, data about bank cards and accounts for entering cryptocurrency wallets.

In order not to become a victim of cybercriminals, it is recommended to download software only from official sites, do not follow dubious links and do not save to browsers important information.