This password-stealing malware posed as a Windows 11 download

Windows 10 users need to be cautious about fake Windows 11 installers that are being used to spread the info-stealing RedLine malware.

RedLine is not especially sophisticated malware but can steal passwords and is sold as an online service for $150 a month to people who want to steal cryptocurrency like Bitcoin or Ethereum. 

Crooks use numerous tricks to get the unwary to download it, and HP has now found them using fake promises of Windows 11 upgrades as a lure to trick PC users into installing the malware.

Microsoft has set a high bar for hardware that is eligible for the upgrade to Windows 11 and leans towards newer processors. Few devices were initially eligible, but Microsoft recently announced it was accelerating the rollout to meet unexpected demand.

In this case, the hackers tried to use Microsoft’s January 26 announcement that it was “entering its final phase of availability and is designated for broad deployment for eligible devices” as an angle, as they registered their own fake domain the day after.

HP security researchers found that RedLine actors registered a fake domain in the hope of tricking Windows 10 users into downloading and running a fake Windows 11 installer. The attackers

Read More: https://www.zdnet.com/article/this-password-stealing-malware-posed-as-a-windows-11-download/#ftag=RSSbaffb68