Fake Windows 11 update contains data-stealing malware

Cybersecurity researchers have identified a new cybercrime campaign that spreads information-stealing malware through a fake Windows 11 upgrade. Windows 11 is the most recent version of Microsoft’s desktop operating system and is widely accepted by users. However, due to strict system requirements, many computers in perfect working order do not officially qualify for the update. Eager for the latest software, people try all kinds of quick fixes and unofficial methods to install Windows 11 on their computers, giving malicious actors many openings to attack.

Cybercrime has been on the rise of late, reaching its peak during the pandemic. Many different types of cybercrime have increased during this period, including phishing, ransomware, spyware, cryptocurrency hacks, and many more. Another popular method is to use fake software, including fake antivirus programs, to deliver malicious payloads. According to an FBI report, the past year saw an extraordinary number of cybercrime victims, with people losing nearly $7 billion to online attacks and scams.

CloudSEK security researchers have discovered a fake Windows 11 update site that delivers data-stealing malware to Windows PCs. According to Computer connected, which had exclusive access to the research, the malware can target web browser data and cryptocurrency wallets. The site, which is now offline, looked almost identical to Microsoft’s original Windows 11 update site, with authentic logos, fonts, and appearance. The site promised to help users install Windows 11 on unsupported systems, but served a malware-laden ISO file for download. CloudSEK researchers named the new malware “Inno Stealer,” after its use of the Inno Setup Windows installer.

In terms of modus operandi, the malware spawns several processes, including some that run scripts to disable various Windows security tools, including Registry security. The malware also adds exclusions to the built-in Windows Defender antivirus and uninstalls third-party security tools from Emsisoft and ESET. After all security software is disabled, the malware executes commands with higher system privileges and creates a process called Windows11InstallationAssistant.scr that contains the data-stealing code. It can also read web browser information, including stored cookies, login credentials, and much more.
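
As an added illustration (not part of the CloudSEK report or the original article), the following Python example shows how a defender could flag two of the behaviours described above in process-creation logs: a Defender exclusion being added, and a `.scr` file running from outside the Windows system directories. The event fields, the sample events, and the use of the `Add-MpPreference`/`Set-MpPreference` cmdlets as the exclusion mechanism are assumptions made for the example.

```python
import re

# Constructed process-creation events (fields loosely modelled on Sysmon Event ID 1).
# None of these lines come from the report; paths and user names are made up.
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell -Command Add-MpPreference -ExclusionPath C:\Users\demo\AppData\Local\Temp"},
    {"image": r"C:\Users\demo\AppData\Local\Temp\Windows11InstallationAssistant.scr",
     "cmdline": r"Windows11InstallationAssistant.scr"},
    {"image": r"C:\Windows\System32\scrnsave.scr",
     "cmdline": r"scrnsave.scr /s"},
    {"image": r"C:\Windows\System32\svchost.exe",
     "cmdline": r"svchost.exe -k netsvcs"},
]

# Assumption: exclusions are added through the Defender PowerShell cmdlets.
EXCLUSION_RE = re.compile(
    r"\b(add|set)-mppreference\b.*-exclusion(path|extension|process)\b", re.IGNORECASE)

# Screensaver binaries normally live in the Windows system directories.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def detect(event):
    """Return the names of the rules that a single event triggers."""
    hits = []
    image = event.get("image", "").lower()
    if EXCLUSION_RE.search(event.get("cmdline", "")):
        hits.append("defender_exclusion_added")
    if image.endswith(".scr") and not image.startswith(SYSTEM_DIRS):
        hits.append("scr_outside_system_dir")
    return hits


def scan(events):
    """Return (index, rule_names) for every event that triggers a rule."""
    results = []
    for index, event in enumerate(events):
        hits = detect(event)
        if hits:
            results.append((index, hits))
    return results


if __name__ == "__main__":
    for index, hits in scan(SAMPLE_EVENTS):
        print(index, SAMPLE_EVENTS[index]["image"], hits)
```
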

Almost all major web browsers are targeted by Inno Stealer, with the possible exception of Firefox. The report lists Chrome, Edge, Opera, Vivaldi, Comodo, Brave, Torch, and many other browsers as targets of the malware, but Firefox stands out for its absence from the list. The malware can apparently also steal data stored in cryptocurrency wallets and in the computer’s file system. In general, Inno Stealer can cause problems on any PC, but these types of problems are generally easy to avoid. Researchers advise users not to download ISO files from untrusted sources and to use the official Windows update channel to get updates. There are safe methods for installing Windows 11 on systems that are not officially supported, but it is not.

Source: Computer connected
