Watch out for fake Windows 11 downloads that spread malware

Malicious actors used a fake Windows 11 download page in an attempt to spread malware.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

What you need to know

Threat actors took advantage of people looking to upgrade toWindows 11earlier this year. Microsoft’s new operating system entered itslast phase of availabilityon January 26, 2022. Attackers quickly jumped to action, initiating a malware campaign the next day that utilized a fake website impersonating a page to download Windows 11.

HP outlines its discovery of the attack on itsThreat Research Blog. HP’s team noticed that a malicious actor registered the “windows-upgraded[.]com” domain on January 27, 2022. The page had been designed to appear like an official Microsoft website to download Windows 11. Instead, it directed people to a link that downloaded RedLine Stealer, which is a type of malware that steals information.

The Threat Research Blog post breaks down the malware campaign in more technical detail. The key takeaway is that malicious actors hopped on a trending news story to try to take advantage of everyday PC users. Since Microsoft had just entered the final phase of rolling out Windows 11, many people were looking for a way to update.

The fake website was rather convincing. It uses Microsoft’s iconography and general site layout.

If you need help getting Microsoft’s newest OS, you can follow our guide onhow to upgrade to Windows 11.

A similar campaign was discovered in December 2021. That attack used fake versions of Discord’s website and sites from other popular messaging services. That campaign also distributed RedLine Stealer.

Get the Windows Central Newsletter

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He’s covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean’s journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.