Fake Windows 11 installers now used to infect you with malware

Scammers are already taking advantage of the hype surrounding Microsoft's next Windows release to push fake Windows 11 installers riddled with malware, adware, and other malicious tools.

While Windows 11 will start rolling out worldwide during early 2022, Microsoft has already made it available for install to all customers enrolled in the Insider program after officially unveiling it as the next version of Windows last month.

However, hundreds of users have already downloaded installers from unnoficial sources are getting infected with malware, as Kaspersky security researchers discovered.

"Although Microsoft has made the process of downloading and installing Windows 11 from its official website fairly straightforward, many still visit other sources to download the software, which often contains unadvertised goodies from cybercriminals (and isn’t necessarily Windows 11 at all)," Kaspersky said

"Kaspersky products have already defeated several hundred infection attempts that used similar Windows 11–related schemes."

Malicious installers bundled with fake Windows activators

A lot of the malware distributed by attackers this way were downloaders designed to deliver other malicious payloads on the victims' already infected computers.

Windows 11 installer lures were also used to directly push a wide range of other payloads, ranging from adware (considered mostly harmless by anti-malware software) to a lot more dangerous trojans, password stealers, and similar hazardos stuff.

One of the infected users downloaded a 1.75 GB fake Windows 11 installer which, once launched, displayed what looked like Windows installation wizard.

However, the malicious installer would actually download and run a second installer designed to install adware, potentially unwanted programs, and malware.

"The second executable is an installer as well, and it even comes with a license agreement (which few people read) calling it a 'download manager for 86307_windows 11 build 21996.1 x64 + activator' and noting that it would also install some sponsored software," Kaspersky added.

"If you accept the agreement, a variety of malicious programs will be installed on your machine."

Fake Windows 11 installer
Fake Windows 11 installer (Kaspersky)

Install Windows 11 via official channels

To avoid getting infected with all sorts of nasty malware by rogue Windows 11 installers, you should always download official ones from official sources only.

Windows 11 is available to all users registered in the Windows Insider program and can be installed on any Windows 10 computer.

As part of the June Windows 11 announcement, Microsoft also published the Windows 11 hardware requirements, which state that a TPM 2.0 security processor is required to upgrade or install Windows 11.

However, Microsoft said that Windows Insiders already in the Dev channel could still install Windows 11 preview builds even if not meeting the OS' minimum system requirements.

After enrolling in the Windows Insider program, you can upgrade to Windows 11 by going into Settings > Update & Security > Windows Insider Program, and then activate the Dev Channel to get the Windows update.

Related Articles:

Windows 11 22H2 Home and Pro get preview updates until June 26

Windows 11 KB5035942 update enables Moment 5 features for everyone

Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver

Windows 11 gets single Teams app for work and personal accounts

Microsoft has started testing Wi-Fi 7 support in Windows 11