Fake Windows Upgrade Website Delivering Information Stealer Malware

    Cybercriminals are becoming more cunning in delivering their malware and viruses. Since the COVID-19 pandemic began, cybercriminals have teamed up. Their attacks increased on big and small companies and individuals. 

    Many chose remote working as their new conduit to work online. Many people have suffered due to hacks and data breaches and, in turn, the companies they worked for. Phishing websites are now a favorite method for hackers to infiltrate PCs. 

    Promotional items, for example, are often used to steal victims’ credentials once they reveal their information. However, CloudSEk researchers have recently undercover a multi-stage information stealer malware that targets Windows users. 

    This new malware can steal browser information from users, crypto wallets, and more. The malware is deployed masquerading as an ISO file Windows 11 upgrade on the victim’s PCs. The malware is part of a fraudulent campaign that uses fake domains to host the payload. 

    Fake Windows upgrade malware 

    The latest major Microsoft Windows operating system is Windows 11, since October 2021. Even when the new OS upgrade was in its beta stages, cybercriminals targeted victims. They conducted such attacks by offering Windows 11 upgrades. 

    At the end of 2021, a Windows 11-themed malware campaign was discovered by a security firm. However, it isn’t the first time a malware poses as a Windows upgrade. A couple of years ago, many cybercriminals would email their victims about an upgrade to their Windows 10. 

    They would offer such upgrades for free. Such emails contained attachments where ransomware and other malware were present. These viruses are activated once the victim opens the attached files. 

    The latest Windows Upgrade malware uncovered by CloudSEK has been disassembled. The researchers reverse-engineered the malware to understand its installation and payload injection better. 

    Researchers discovered that the new Windows 11 malware was built using the Delphi programming language. The binary used by cybercriminals is coded in Visual Basic before being converted into executables.

    An open-sourced Batch obfuscator is employed to hide the malware, while the attackers used the Inno Setup 6.1.0 installer. A fake domain hosting Windows 11 upgrades was used to deploy the stealer malware on unsuspecting victims. 

    How the malware found its way to users?

    Cybercriminals used SEO to make their fake domain hosting Windows 11 upgrades appear in search engines more easily. Anyone searching for such updates was highly likely to find this website and install the fake Windows updates. 

    The crypto stealer malware would steal personal information from its victims, such as browser data and crypto-wallet data. The data would then be sent to a C2 server, most likely created by the same hackers. These cybercriminals would most likely sell their victim’s data to third parties or use their information in other ways. 

    Microsoft officials stated that Windows 11 would continue to upgrade its security in the future. However, both remote working employees and individuals are still vulnerable to cyberattacks. 

    Protecting yourself online 

    Even though cyberattacks are on the rise, it doesn’t mean you can’t stay protected online. Many attacks are successful due to people’s unawareness rather than poor cybersecurity tools. However, combining cybersecurity knowledge and tools is essential in protecting your online data. Here is what you can do: 

    Inform employees 

    Many companies should actively train their employees about cybersecurity best practices. They need to understand what is at stake, how cybercriminals target victims, and what tactics they use. You can raise awareness and avoid costly mistakes through routine cybersecurity session training. The weakest cybersecurity link for your business will always be the human factor. 

    Use a VPN 

    Consider using VPNs while you browse online. A VPN is a virtual private network that protects you from prying eyes. You can disguise your IP with a fake one, gaining privacy and online protection. 

    Depending on the VPN provider, you can also benefit from other features to enhance your online privacy and cybersecurity. With a VPN, you can also benefit from secure public WiFi connections as they will hide your data. A VPN, according to the NordVPN Wikipedia Page, can even hide your online data from your internet provider or even the government.

    Avoid pirating online 

    Many games, movies, and software are accessible online. However, you should avoid pirating them as any of these files can have malware attached. Sometimes, you can get crypto-mining malware, which is difficult to remove and raise your electricity bills. 

    In other cases, you can face ransomware attacks. The malware will hold your data hostage until a payment is made in this scenario. You might be able to get back your data without paying. However, it is a complex procedure as well. 

    Update from official sources 

    Never update your OS or other software from third parties. Always go with the official manufacturer’s website if you want to update anything on your PC.

    You must follow the above described tips and aspects in order to strengthen your online safety and security.



    RELATED ARTICLES

    Telegram group link

    Telegram Group Link: 100+ India’s Top Channels, Join Now!

    Telegram group link, a phrase many have typed into search bars, often leads to a...
    How to Create AI Videos from Pictures

    How to Create AI Videos from Pictures?

    Even today, digital static imagery is increasingly complex in capturing attention, especially in an attention...
    Jojoy Toca Boca

    Jojoy Toca Boca: Unlocking Creativity Through Interactive Play

    In an ultra-modern digitally immersive international environment, in which screens are important to kids’ play...
    Top 10 PCB Design Companies

    Top 10 PCB Design Companies in 2025

    The demand for high-performance electronics has intensified across every sector, from consumer gadgets to aerospace...
    how to start cloud kitchen from home

    How to Start Cloud Kitchen from Home With No Experience

    Ever stand in your kitchen, whipping up something amazing, and think, “People would pay for...
    Android's new security feature

    Android’s New Security Feature: A Major Leap in Mobile Protection

    In the ever-changing digital age, security is an issue of great importance to smartphone users....
    HDhub4u.futbol

    HDhub4u.futbol: Why It’s Always Trending on Google

    In this digital age, you see great change from cinema halls and cable TV to...
    Telegram group link

    Telegram Group Link: 100+ India’s Top Channels, Join Now!

    Telegram group link, a phrase many have typed into search bars, often leads to a...
    Filmy4web Mp4moviez

    Filmy4web Mp4Moviez: The Rise and Risk of Free Movie Downloading Sites

    In today's digital age, leisure is just a click away. From worthy Netflix series to...
    social media

    The Best Times and Tactics to Attract More Social Media Followers

    A big social media following needs planning, timing, and interaction rather than only consistent content...
    trading

    The Future of Trading: Embracing 3-in-1 Accounts for Financial Growth in India

    India’s retail investment landscape has undergone a massive transformation in the last decade. From being...