A Fake Windows 11 Upgrade Can Steal Your Browser Data and Crypto Wallet
Cyber crimes have seen an increase during the pandemic with different types of attacks such as phishing, ransomware and crypto scams. In a new campaign that has been exposed, a fake Windows 11 upgrade site is used to attack victims and collect their web browser cookies and other stored credentials, including data from wallets. cryptocurrency as well as the file system.
Windows 11 is the latest version of Microsoft’s desktop operating system after Windows 10. However, Microsoft released the new operating system with strict system requirements, which makes it difficult for users to upgrade to the new upgrade. day. Desperate for the latest operating system, several users have tried to search for all the workarounds and “cracked” files to install Windows 11, which gives cyberattacks many targets to prey on.
According to CloudSEK security researchers, the malware can steal data from web browsers and crypto wallets. The fake website designed by attackers had identical logos, fonts and design to the original Microsoft upgrade site. It should be noted that the website is currently being taken down.
According to Bleeping Computer, the fake site promises users to install Windows 11 even on an unsupported device. As soon as a victim clicks on the link, an ISO file loaded by malware is downloaded. The researchers named the new malware “Inno Stealer” because it uses the Windows Inno Setup installer.
Once the malware is installed, it starts disabling Windows security features such as registry security, disabling Windows Defender Antivirus and even third-party security programs from Emisoft and ESET.
After disabling all security features, the malware then executes a malicious program named “Windows11InstallationAssistant.scr” which contains malicious code designed to steal all sensitive data.
The researchers note that the malware can read information from web browsers, including stored cookies, login credentials and even access your crypto wallet’s “seed phrase” (password) and steal your cryptocurrency. and your NFTs.
The report mentions that most of the browsers including Chrome, Edge, Opera, Vivaldi, Comodo, Brave, Torch are vulnerable to Inno Stealer malware except Mozilla FireFox.
Researchers recommend users to download ISO files only from official Microsoft website. Major OS upgrades should only be done from your Windows 10 Control Panel or get the installation files directly from source.
Meanwhile, an FBI report said 2021 was an exceptionally bad year for victims of cybercrime, with people believed to have lost nearly $7 billion to online attacks and scams.