Cybersecurity researchers at HP have found a fake Windows 11 installer online that hides the RedLine Stealer malware.
If you are not aware, RedLine Stealer is a potent malware that steals personal information such as passwords, browser data and banking information, including cryptocurrency wallet details, credit card data and other information stored on your PC. Last month, Microsoft launched the Windows 11 operating system.
All Windows 10 users qualify for a free upgrade to the new OS through the built-in update feature, but not everyone has the required hardware specifications.
Fraudsters have exploited this situation by setting up a domain that hosts a fake Windows 11 installer and imitates Microsoft's site.
As mentioned in the report, HP researchers found the domain Windows-Upred.com, which looks similar to the official Microsoft page.
The report notes that several of the links have been taken down, but many are still live.
Users who download the file from this malicious website get a ZIP archive named "Windows11InstalSistant.zip".
The report revealed that the ZIP file was only 1.5 MB and contained six Windows files, among them XML files and a portable executable.
After decompressing the archive, the user gets a folder with a total size of 753 MB.
The executable, Windows11InstalSistant.exe, is the largest file at 751 MB.
Because the compressed ZIP is only 1.5 MB, the archive has a remarkable compression ratio of 99.8%.
This is far higher than the average ZIP compression ratio for executables, which is about 47%.
To reach such a high ratio, the executable most likely contains padding, which compresses extremely well.
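The compression-ratio anomaly described above can be checked without extracting anything, because a ZIP's central directory records both sizes for every member. The following is an added example (not code from the HP report or this article); the 0.95 threshold and the constructed sample archive are assumptions for illustration.

```python
import io
import os
import zipfile

# Ratio above which a member is flagged (assumption for this example; the page
# cites ~47% as typical for ZIP-compressed executables, 99.8% for the sample).
SUSPICIOUS_RATIO = 0.95


def compression_ratio(compressed_size: int, uncompressed_size: int) -> float:
    """Fraction of the original size removed by compression (0.0 .. 1.0)."""
    if uncompressed_size == 0:
        return 0.0
    return 1.0 - compressed_size / uncompressed_size


def suspicious_members(zip_bytes: bytes, threshold: float = SUSPICIOUS_RATIO) -> list:
    """Return ZIP members whose compression ratio is abnormally high.

    Only central-directory metadata is read, so no member is decompressed.
    """
    flagged = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            ratio = compression_ratio(info.compress_size, info.file_size)
            if ratio >= threshold:
                flagged.append({
                    "name": info.filename,
                    "uncompressed": info.file_size,
                    "compressed": info.compress_size,
                    "ratio": round(ratio, 4),
                })
    return flagged


def build_sample_archive() -> bytes:
    """Constructed sample: one zero-padded 'installer' plus an ordinary file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        # Short random header followed by 8 MB of zero padding: the padding
        # compresses to almost nothing, producing the tell-tale ratio.
        padded = b"MZ" + os.urandom(2048) + b"\x00" * (8 * 1024 * 1024)
        zf.writestr("Windows11InstalSistant.exe", padded)
        # Random bytes barely compress, like a typical packed executable.
        zf.writestr("config.xml", os.urandom(4096))
    return buf.getvalue()
```

Running `suspicious_members(build_sample_archive())` flags only the padded executable; the same check applied to a downloaded archive's metadata is a cheap triage signal before any sandboxing.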
This executable carries the RedLine Stealer malware.
Apart from banking details, the malware can also collect information such as location, the name of installed security software, hardware configuration and more.
The malware can upload and download files and execute commands.
It also reports back to the fraudsters, sending the stolen personal details to their command-and-control (C2) server.
The information collected from the PC is then used for fraud.