What you need to know
- A recently discovered malware attack attempted to trick people by claiming a file was made on "Windows 11 Alpha."
- The attack contained malicious code within a Word document.
- Security researchers claim that well-known cybercrime group FIN7 was likely behind the attack.
A Windows 11-themed malware campaign tried to trick people into activating malicious code on their PCs. The attack relied on people's lack of knowledge of Microsoft's upcoming operating system. The campaign used a Word document claiming to be made with "Windows 11 Alpha" and pushed people to perform steps to open it. Following these steps activated code that threat actors could use to steal people's financial information.
Anomali Security researchers discovered the attack and break down its technical components (via Bleeping Computer). The researchers claim that cybercrime group FIN7 is likely responsible for the malware campaign. The exact method of spreading the malicious file isn't confirmed at this time but is likely email phishing or spearphishing, according to Anomali.
The idea behind the attack is that if someone sees a document claiming to be made with Windows 11 Alpha, that they may need to perform steps to make the document compatible with older operating systems. This isn't the case, but many people won't be aware of that. As there are instances in which people need to convert genuine Word documents to make them compatible, many PC users are likely used to following prompts that look like those in this malware campaign.
The Windows 11 Alpha malware campaign appeared to have happened between late June and late July 2021, which lines up with Microsoft's official announcement of Windows 11. The attack likely rode the wave of interest about Microsoft's new operating system to take advantage of unsuspecting people.