Kaspersky urges caution against fake Windows 11 installer

Cybersecurity company Kaspersky says scammers are distributing malware and adware made to look like Microsoft Windows 11 urging users to take caution.

Cybersecurity company Kaspersky is warning eager users to take care when downloading and installing preview versions of Windows 11 after detecting malware-laden fake installers.

With the new OS from Microsoft highly-anticipated, many users have flocked to the Windows Insiders programme to experience and download Windows 11 preview versions.

But researchers from Kaspersky have warned of malware-riddled fake Windows 11 installers targeting keen Microsoft fans, and have urged users to be on their guard. The company says that hundreds of such attempts by fake malware-laden Windows 11 downloaders to install and run other applications in the background have already been nullified.

"Kaspersky products have already defeated several hundred infection attempts that used similar Windows 11–related schemes. A large portion of these threats consists of downloaders, whose task is to download and run other programmes," Kaspersky said in a statement on its website.

"Those other programmes can be very wide-ranging, from relatively harmless adware, which our solutions classify as not-a-virus, to full-fledged Trojans, password stealers, exploits, and other nasty stuff.

"Download Windows 11 from official sources only, as Microsoft advises. So far, Windows 11 is officially available only to participants in the Windows Insider programme that is, you have to register. You’ll also need a device with Windows 10 already installed," Kaspersky added.

In one example, Kaspersky spotted an installable file called '86307_windows 11 build 21996.1 x64 + activator.exe' which seems related to Windows 11 installation and some sort of license activator. This 1.76GB file may look genuine but all it has is a DLL file with some useless information.

However, running the installable file, which has been made to look like a genuine Windows Installation Wizard, starts downloading other applications in the background. This second installable file even has a licence agreement that states that the installer will install some sponsored apps to install Windows 11 on your PC.

The moment a user agrees, it starts downloading and installing malicious files from the internet, causing a serious threat to the data saved on the device.


Featured Articles

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Magazine speaks with Radiflow’s CEO, Ilan Barda, about converging IT and OT and how leaders can better protect businesses from cybersecurity threats

QR ‘Quishing’ scams: Do you know the risks?

QR code scams, or Quishing scams, are rising and pose a threat to both private users and businesses as cyberattacks move towards mobile devices

Zero Trust Segmentation with Illumio’s Raghu Nandakumara

Head of Industry Solutions at Illumio, Raghu Nandakumara, offers insight into the proposed ban on ransom payments and how businesses can utilise Zero Trust

Is the password dead? Legacy technology prevents the shift

Network Security

Fake Bard AI malware: Google seeks to uncover cybercriminals

Technology & AI

Gartner report highlights threat of supply chain attacks

Cyber Security