Recently, Microsoft has officially introduced a new version of its Windows operating system (OS), Windows 11, which will roll out to PC owners later this year. However, as the OS is now available for download and early adoption, Kaspersky has found the update is already being used by cybercriminals to distribute malware under the guise of Microsoft’s new operating system.
To gain more insight into how fraudsters are taking advantage of impatient Windows users, Kaspersky researchers analysed malicious files appearing to be the Windows 11 update. During just the first month of the new OS release, Kaspersky products detected and prevented 850 attempts to infect users through files with various threats disguised as Windows 11.
Kaspersky experts also highlighted the diversity of the threat landscape. They uncovered relatively harmless downloaders and adware, which Kaspersky solutions classify as not-a-virus, as well as fully-fledged Trojans, backdoors and stealers aiming to collect user’s secrets like saved passwords or cookies from browsers.
For instance, the company’s researchers found one malicious file, with a size of 1.75 GB, so that the user thinks that it could really be an operating system. It contains a lot of useless data that is not used in any way during the installation. If a user opens this file, the installer will start, which looks like a normal Windows installation wizard. Its main purpose is to download and run a second installer, which in turn sets up adware, potentially unwanted apps or other types of malware on the system. Most interestingly, in this case, the user gives permission for installing all of that themselves.
“The new Windows 11 operating system is a huge release, which attracts the interest of many users and tech enthusiasts,” says Anton V. Ivanov, a security expert at Kaspersky. “Understanding this demand, fraudsters have quickly adapted, spreading various forms of malware disguised as the new operating system. By getting too excited to experience the new OS, users are less likely to pay attention to the process and may download files from third-party sources – which is something that we advise to never do. And attackers are only too happy to offer them their services.”
To avoid downloading malicious files mimicking Windows 11, Kaspersky recommends that you should:
- Be skeptical about news or generous offers for the new operating system.
- Always check the authenticity of the websites you visit.
- Only download operating systems from official stores.
- Use a reliable security solution, such as Kaspersky Security Cloud, for comprehensive protection from a wide range of threats.