The devil lies in the details: although the design of the page is often copied or strongly inspired by the official one, a strange address catches the eye on a detailed examination.
If the user does not notice the substitution and clicks the download button, he will receive an ISO file containing malware. Accordingly, when trying to install a system update, the computer becomes infected with a virus. And everything happens imperceptibly: the malware just creates a couple of TMP files.
Experts called this virus Inno Stealer. They noted that its code is different from other programs that steal data. In addition, it is not yet in the database of TotalVirus — a popular independent file scanning service for viruses and other malware.
Once on the computer, Inno Stealer starts collecting data from Chrome, Opera, Brave and Vivaldi browsers, wallet-backup\, WalletWasabi and wallet.dat crypto wallets are also targeted. As a result, both personal data and the user's cryptocurrency are at risk.
To avoid infection, it is recommended to download the Windows 11 update only from the official Microsoft website and carefully check the page address.