Making the leap to Windows 11 is a fairly common action these days. It is true that the speed of adoption of the latest version of Windows has decreased lately, but even so, there are still quite a few users who decide to take the leap, updating their operating system. And at this point it is important to bear in mind that there are quite a few users who do not update because they do not want to, but there is also a part of them who do not do so because they cannot.
And it is that, if there is something to talk about Windows 11, beyond its novelties, that is without a doubt your technical requirements. The requirement of Secure Boot and TPM 2.0 has left many users unable to update their operating system directly from the Windows 10 update manager. It is still possible to do it from an ISO, but the process is more complex, to the point that there are users who do not see themselves in a position to face it.
Thus, a most peculiar situation arises, because on the one hand we have users who can make the leap to Windows 11 but do not want to, and on the other hand we find people who would like to upgrade but cannot do so due to technical limitations.
Appearance of the fake Microsoft website. As you can see, its appearance is quite accomplished.
How could it be otherwise, cybercriminals are aware of this circumstance and have decided to take advantage of it. The most recent case of this is found in Bleeping Computer, where they echo a web page that pretends to be from Microsoft and offers to download an ISO file with which users can update to Windows 11. But, as you may have already imagined , the downloaded file is not the intended Microsoft operating system update.
Instead, what we will find is a pathogen dedicated to the theft of browser data and cryptocurrency wallets, which also has the necessary functions to be able to download new payloads, with which the operator of this malware can modify its functions. In its current state, it is capable of capturing data such as credentials and other types of sensitive information entered in the browser, so its danger is very high. No Windows 11, just malware.
Kaspersky security message when trying to access the website.
The downloaded file, named Windows11-setup_11.27541.ISO, and 38 megabytes in size, contains an executable called Windows 11 setup that, when run by the user, installs the data stealer. For users to download it, its creators have resorted to various techniques to make the illegitimate web page appear in legitimate search engine results. This, together with the appearance of the web page, which emulates the identity of Microsoft, can mislead many users.
A) Yes, a key element is to review the domains. In this case, the download is located at windows11-upgrade11.com, a somewhat strange name, due to its redundancy, and which obviously has nothing to do with either Microsoft or Windows 11. Thus, once again, we must remember that You only have to resort to official sources to avoid that, due to carelessness, a false Windows 11 update can end up costing us dearly.