Fake Windows 11 Installer Drop Malware on Your Computer

Windows 11 Installer Drop Malware

Earlier this year Microsoft announced Windows 11, and Microsoft hasn’t published this new operating system publicly. But, a few weeks ago Windows 11 was unofficially leaked before Microsoft released it to Windows Insiders.

In short, the announcement of the new OS of Microsoft, Windows 11 has created a big hype on the internet world. And that’s why this was a target for users to be attacked by malware and so on.

However, the security researchers at the Kaspersky security lab have confirmed that after the leak, immediately several downloads of Windows 11 ISOs from unofficial sources began to appear, in which they have detected malware on many openings.

How do scammers fool Windows 11 downloaders?

Unofficially different versions of Windows 11 have been released that are easily accessible to anyone, and since these versions are prior to the final version, there are many users who are curious to see that how this new Windows 11 feels and works. 

Now, here comes the key roleplay, since these versions are not official they come from unofficial sources, that’s why you have to keep your eyes open and stay alert about the threat actors while downloading these versions from unknown sources.

As the cybersecurity researchers at Kaspersky have reported about a 1.75GB file (86307_windows 11 build 21996.1 x64 + activator.exe) that seemed to contain the OS itself with an activator.

This file structure is enough to fool anyone, it means that with such a file size, anyone will get fooled. Since this whole package claims to be the Windows 11 installer, but, in reality, this whole package consists of DLL files that contain a lot of worthless things.

However, when the package is opened the fake Windows 11 installer starts and behaves like the authentic one, while in the second one, the installer asks the user to accept a license agreement specifying that sponsored software is going to be installed on your system.

Since, in this stage, nobody reads these texts, and that’s why it becomes easy for the attacker to make the user accept and move further to install the malicious application.

Experts’ findings

Apart from this, the security analysts at Kaspersky Security Lab have claimed that till now they have detected hundreds of such infection attempts using similar schemes related to Windows 11, and the maximum number of cases are detected with fake installers like this.

While the infections of this malware could be varied since they could be like:-

  • Adware
  • Trojan
  • Phishing
  • Keylogger
  • Fileless Malware
  • Spyware
  • Worms
  • Virus
  • Rootkits
  • Ransomware

But, here the users who are becoming victims of such attacks have reported several problems that they have faced like stealing passwords, documents, and even personal data like credit cards and others details.


However, the users who are eager to install Windows 11 early on their system or want to upgrade their existing Windows 10 to Windows 11 are simply advised to use the official channel only, the “Windows Insider Program.”

To activate the “Windows Insider Program” you have to follow the steps that we have mentioned below:-

  • First of all, you have to go to Settings
  • Then you have to click on the “Update & Security” option. 
  • After that, you have to select the “Windows Insider Program.” 
  • Now you have to activate the Dev Channel option to get the update on your PC.
  • That’s it now you are done.

Not only that even, the experts have also recommended the users to not install or run the Windows 11 update on their primary computer system, since these prebuilds could be unstable, and make your system behave improperly.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Similar Posts