
Why We Should be Wary of Windows 11 Alpha Malware

by CISOCONNECT Bureau

Recently, a Windows 11-themed malware campaign was launched to mislead users into disclosing their financial information. Read on to know more…

Microsoft has already stated that Windows 11 will be launched on October 5. Several Windows users are already interested in testing out Windows 11, the new version that will succeed Windows 10 as Microsoft’s operating system. This is the most perilous time to download anything related to this version of Microsoft’s operating system. Because of the new operating system’s popularity, cybercriminals have seized the opportunity to disseminate a document that purports to have been written with Windows 11 Alpha but is actually malicious software.

A Windows 11-themed malware campaign is attempting to trick users into disclosing their financial information before the formal launch of the next Windows operating system. Windows users are being misled by the Windows 11 Alpha malware attack, which activates malicious code on their computers.

The researchers discovered that cybercrime group FIN7 is most likely responsible for the malware campaign. FIN7 is an Eastern European threat group that targets international organisations, particularly those in the United States. According to analysts, this cybercrime gang is responsible for more than 15 million card thefts, costing organisations more than $1 billion in losses.

Working Mechanism
Anomali Security researchers discovered this new malware attack, which uses a Word document claiming to have been created with ‘Windows 11 Alpha,’ according to a report by Bleeping Computer. The user is then prompted to follow a few easy steps in order to open the file. When users follow those steps, code is activated that steals their financial information.

Researchers are unable to establish the exact method by which the malicious file was being spread; however, the attackers are likely using phishing or spear-phishing techniques.

As per the report, “Cybercriminals laced Microsoft Word documents with macro code that ultimately drops a JavaScript backdoor that lets the attacker deliver any payload they want.

Researchers at cybersecurity company Anomali analyzed documents and say that the delivered backdoor appears to be a variation of a payload commonly used by the FIN7 group since at least 2018.” The researchers uncovered six malicious Windows 11 Alpha-themed Word documents that are used to drop “JavaScript payloads, including a Javascript backdoor.”

According to the Anomali Security researchers, users may be shown an image asking them to “Enable Editing” and “Enable Content” in order to proceed to the next stage of activity. Users will be asked to ensure that the document is compatible with their current operating system.

However, the reality is that there is no such software as Windows 11 Alpha, and people who are unaware of this may follow the malicious campaign’s prompt. According to the report, if a user does not notice anything suspicious and follows the steps, the malicious code is activated and then downloads a JavaScript backdoor. As a result, attackers will be able to install a payload on the computer, which can then be used to steal sensitive financial information, especially debit or credit card details.

Logical Conclusion
A breakdown of the technical components has also been provided by the security researchers. Windows 11 will be formally released on October 5, and the operating system is presently accessible to Windows Insider Program members, developers, and beta testers.

The malware campaign on the latest operating system appears to have begun between the end of June and the beginning of July 2021, taking advantage of the high popularity of Microsoft’s new Windows 11 operating system. The number of victims who have been charged is unknown.

As a result, if you receive a message with files or links attached that relate to Windows Alpha, the best thing to do is to delete the message without opening any files, documents, or links.
