A Windows 11-themed malware campaign tried to trick people into activating malicious code on their PCs. The attack relied on people’s lack of knowledge about the future operating system from Microsoft. The campaign used a Word document that claimed to be made with “Windows 11 Alpha” and pressured people to take steps to open it. By following these steps, they activated code that threat agents could use to steal people’s financial information.
Anomali Security researchers discovered the attack and broke its technical components (via Bleeping Computer ). The researchers claim that cybercrime group FIN7 is likely responsible for the campaign of this same malware. The exact method of spreading the malicious file has not yet been confirmed, but it is likely email phishing or spearphishing, according to Anomali.
The document claims to be made with Windows 11 Alpha, it may need to take steps to make the document compatible with older operating systems. This is not the case, but many people will not know it. As there are cases where people need to convert original Word documents to make them compatible, many PC users are probably used to following prompts that look like the ones this campaign uses.
The Windows 11 Alpha malware campaign ran from late June to late July 2021, which aligns with Microsoft’s official announcement of Windows 11.