Blog

Some Windows 11 Upgrade Links Could Be Malware

May 16, 2022 | Blog

There’s a new hacking campaign underway that you need to be aware of especially if you or anyone you know is interested in upgrading to Windows 11.

The campaign appears to be a legitimate offer from Microsoft and it gives users the opportunity to upgrade to Windows 11 for free.

Unlike many campaigns of this type, this one distinguishes itself in that it does not rely on emails that spoof the Microsoft brand.  Rather, it leverages “poisoned” search results that leads a surfer to a site controlled by the hackers.

This page is a convincing replica of the official Microsoft promo page for Windows 11. Of course, it’s got malicious code embedded in it and when the site visitor enters their personal information in order to receive a code for their free upgrade, all they’re doing is handing that information straight to the hackers.

What’s really going on here is that the hackers are taking advantage of the fact that the average user isn’t aware of many of the details surrounding Windows 11.

For example, most end users are unaware of the fact that Windows 11 must meet certain very specific (and demanding) specifications. These include the fact that all legitimate upgrade tools will check to see if the user’s machine supports TPM or Trusted Platform Mode (version 2.0) which is built into machines no older than four years of age.

Naturally, the poisoned installer makes no such distinction and will happily allow the user to install the malicious code on whatever machine they happen to be using.

The hackers behind this campaign are using a piece of malware dubbed “Inno Stealer” which does not have any code similarities to other strains of malware in the wild today. So apparently, it is custom work built either by or for the hackers currently using it.

The best and surest way to avoid being taken in by this campaign is to navigate to Microsoft’s site direct by typing in the URL.  Don’t rely on search result links to get you there and you should be fine.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech