Windows 10 app installation process exploited by malicious actors – stay frosty


Crooks and malicious actors trying to cause trouble are nothing new in the IT world, and certainly not in the Windows space. So when we tell you that a dangerous Windows 10 scam has been exposed, don’t be surprised.

The new scam was reported by SophosLabs, which discovered the danger because it knocked directly on SophosLabs’ own door (via ZDNet). Weird emails arrived in Sophos inboxes, using the usual mix of threatening, poorly composed language and a request to click on something sketchy.

If you click on what the email tells you to click, you are taken to a web page where you are prompted to preview a seemingly harmless PDF. Of course, this “PDF preview” is anything but harmless: it points to a link beginning with the prefix ms-appinstaller:, which invokes Windows 10’s AppInstaller.exe tool, starting a download-and-run process that will put you in a bad position very quickly. From there, you will have to deal with the dangers of BazarBackdoor malware, including data and credential theft.
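For defenders, the useful tell in that chain is the link scheme itself. The sketch below is an added example, not code from SophosLabs or from this article: it scans the HTML of a saved web page or email body for links that use the ms-appinstaller: prefix and reports where the package would be fetched from. The `?source=` query form is Microsoft's documented syntax for this scheme rather than something stated in the article, and the sample markup and `example.test` hosts are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

SCHEME = "ms-appinstaller"


class _LinkCollector(HTMLParser):
    """Collect every href/src attribute value found in the markup."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value:
                self.links.append(value.strip())


def find_appinstaller_links(html):
    """Return one finding per link that uses the ms-appinstaller: scheme."""
    collector = _LinkCollector()
    collector.feed(html)
    findings = []
    for link in collector.links:
        parts = urlsplit(link)  # urlsplit lower-cases the scheme for us
        if parts.scheme != SCHEME:
            continue
        # Assumed form: ms-appinstaller:?source=<URL of the package>
        source = parse_qs(parts.query).get("source", [""])[0]
        host = urlsplit(source).hostname or ""
        findings.append({"link": link, "source": source, "host": host})
    return findings


# Constructed sample: one ordinary link and one "PDF preview" style link.
SAMPLE_HTML = """
<p>Your report is ready.</p>
<a href="https://files.example.test/report.pdf">Download</a>
<a href="MS-AppInstaller:?source=https://cdn.example.test/viewer.appinstaller">Preview PDF</a>
"""

if __name__ == "__main__":
    for finding in find_appinstaller_links(SAMPLE_HTML):
        print("ms-appinstaller link ->", finding["host"], finding["source"])
```

A hit is worth flagging in a mail or web gateway because ordinary document links have no reason to hand off to the App Installer.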

The new part of this whole situation is the abuse of the Windows 10 application installation process. The other parts, and the outline of the overall attack, are old hat to anyone who has been around PCs. You know the rules: sketchy emails? Ignore. Questionable links? Don’t click. Do both of these things and you will have already outwitted 99% of the crooks. It doesn’t matter which iteration of Windows you’re on. You could be on Windows XP or Windows 11, and at the end of the day, if you don’t take the first steps the email asks of you, you’ll be safe.

