This Windows 11 Toolboxa script that allows integration Google Play store Microsoft’s next-gen system hides an unpleasant surprise for those who installed it. it is full malware and other virtual malware that can infect your computer.
As reported by users GitHub last week, the tool available on the platform can install infected extensions In Chrome, Firefox and other Chromium-based browsers. Such malicious sources redirect the internet user to fake websites and affiliate links and the calculated revenue goes to the cybercriminals.
In addition to redirecting from popular URLs, extensions can trigger fake notifications about program updates and downloads that actually serve to install different malware on the PC. The malicious campaign also includes creating and scheduling hidden folders. system tasks.
Launched to increase the number of Android apps in Windows 11 as only programs from the Amazon store are available for download, Windows 11 ToolBox was initially removed from GitHub after the authors reported the discovery. The infrastructure of the coup is also Cloud Flare.
protect the computer
According to this BleeComputerjoyful Windows 11 ToolBox malware It primarily targets users living in the United States, due to links to ads for an American audience. Despite this, anyone who installs the script and is worried about infection can check to see if their device has been compromised.
Check if the “systemfile” folder exists in the root folder of the hard disk. Windows 11 is installed. It is ideal to delete the malware-generated folder and any installed Python files, along with scheduled tasks, if any. C:\Windows\security\pywinvera, C:\Windows\security\pywinveraHello C:\Windows\security\winver.png.
Source: Tec Mundo
