Malware campaign used document claiming to be made with ‘Windows 11 Alpha’

A Windows 11-themed malware campaign tried to trick people into activating malicious code on their PCs. The attack relied on people’s lack of knowledge of Microsoft’s upcoming operating system. The campaign used a Word document claiming to be made with “Windows 11 Alpha” and pushed people to perform steps to open it. Following these steps activated code that threat actors could use to steal people’s financial information.

Anomali Security researchers discovered the attack and broke down its technical components (via Bleeping Computer). The researchers claim that cybercrime group FIN7 is likely responsible for the malware campaign. The exact method of spreading the malicious file isn’t confirmed at this time but is likely email phishing or spearphishing, according to Anomali.

The idea behind the attack is that someone who sees a document claiming to be made with Windows 11 Alpha may believe they need to perform steps to make the document compatible with older operating systems. This isn’t the case, but many people won’t be aware of that. As there are instances in which people need to convert genuine Word documents to make them compatible, many PC users are likely used to following prompts that look like those in this malware campaign.

If the code within the file was activated, the file downloaded a JavaScript backdoor. This let attackers deliver a payload to people’s PCs. The FIN7 group has been credited with the theft of more than 15 million payment card records. The value of these records is estimated at over $1 billion, according to eSentire.

The Windows 11 Alpha malware campaign appears to have taken place between late June and late July 2021, which lines up with Microsoft’s official announcement of Windows 11. The attack likely rode the wave of interest in Microsoft’s new operating system to take advantage of unsuspecting people.
