Watch out for fake Windows 11 downloads that spread malware
Malicious actors used a fake Windows 11 download page in an attempt to spread malware.
What you need to know
- A fake Windows 11 update page was used by attackers to infiltrate PCs.
- The attack used a fake Windows 11 website that directed people to download malware.
- A similar campaign ran in December 2021, though that attack used a fake Discord website.
Threat actors took advantage of people looking to upgrade to Windows 11 earlier this year. Microsoft's new operating system entered its last phase of availability on January 26, 2022. Attackers quickly jumped to action, initiating a malware campaign the next day that utilized a fake website impersonating a page to download Windows 11.
HP outlines its discovery of the attack on its Threat Research Blog. HP's team noticed that a malicious actor registered the "windows-upgraded[.]com" domain on January 27, 2022. The page had been designed to appear like an official Microsoft website to download Windows 11. Instead, it directed people to a link that downloaded RedLine Stealer, which is a type of malware that steals information.
The Threat Research Blog post breaks down the malware campaign in more technical detail. The key takeaway is that malicious actors hopped on a trending news story to try to take advantage of everyday PC users. Since Microsoft had just entered the final phase of rolling out Windows 11, many people were looking for a way to update.
The fake website was rather convincing. It uses Microsoft's iconography and general site layout.
If you need help getting Microsoft's newest OS, you can follow our guide on how to upgrade to Windows 11.
A similar campaign was discovered in December 2021. That attack used fake versions of Discord's website and sites from other popular messaging services. That campaign also distributed RedLine Stealer.
Get the Windows Central Newsletter
All the latest news, reviews, and guides for Windows and Xbox diehards.
Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.