Skip to main content
  1. Home
  2. Computing
  3. News

Do not fall for this fake Windows update support site. It’s spreading a password-stealing malware

A fake Windows update site is tricking users into installing malware

By
Add as a preferred source on Google
malwarebytes laptop
Malwarebytes

If a website tells you to manually install a “Windows update” from a big blue download button, close that tab immediately. Malwarebytes has just spotted a fake Microsoft support website (microsoft-update.support) that pretends to offer a cumulative update for Windows 24H2 but actually delivers password-stealing malware.

The entire page is dressed up to look official, and even uses proper KB-style reference and downloads an 83MB MSI file called Windowsupdate1.0.0.msi that looks quite legit even in the file properties.

What the malware actually does

The Malwarebytes logo against a white background.
Malwarebytes

The site is currently written in French, which suggests that the scam is currently targeting French-speaking users first. But Malwarebytes warns that these operations can spread quickly. The installer itself was built with the legitimate WiX Toolset, and its metadata is spoofed to make it look Microsoft-made. This helps it blend in both for users and for some basic security checks.

Recommended Videos

The MSI drops an Electron-based app into the user’s AppData folder, then launches additional components, including a disguised Python runtime. From there, the malware then pulls in tools and packages associated with data theft, like components used for encryption, process inspection, and deeper Windows access. The firm says the malicious code also targets Discord by modifying its files to intercept login tokens, payment details, and two-factor authentication changes.

malwarebytes laptop
Malwarebytes

Malwarebytes says it also fingerprints victims by checking IP and geolocation, contacts command-and-control infrastructure hosted through Render and Cloudflare Workers, and uploads stolen data through Gofile.

Why you should heed this warning

An unsettling detail uncovered in the report is that, at the time Malwarebytes analyzed it, the main executable and launcher showed zero detections across dozens of antivirus engines on VirusTotal. The company says that it is because the malware hides its logic inside obfuscated JavaScript, legitimate Electron components, and runtime-delivered Python tooling instead of one obviously malicious binary. So basically, do not fall for this fake Windows support site. It is not helping you patch your PC. It is trying to rob it.

Vikhyaat Vivek
Vikhyaat Vivek
Vikhyaat Vivek is a tech journalist and reviewer with seven years of experience covering consumer hardware, with a focus on…
Topics
Meta employees are revolting against its AI rules and it’s a lesson for us all
Employee frustration is spilling into public view as Meta doubles down on AI
mark zuckerberg shocked

Meta's aggressive push into artificial intelligence is facing growing resistance from an unexpected group: its own employees.

According to a recent report from WIRED, frustration inside Meta has reached a boiling point following a series of AI-related restructuring efforts, layoffs, and workplace policies. The tensions became public this week when an employee interrupted a company-wide livestream with an expletive-filled rant directed at Meta's AI leadership, shocking thousands of colleagues watching the presentation.

Read more
Buying a laptop may soon come with an instant carbon score thanks to AI
Researchers want AI to calculate the environmental cost of your next laptop
Laptop image

When shopping for a new laptop, most buyers compare specifications like performance, battery life, display quality, and price. But a new AI-powered initiative could soon add another metric to that list: carbon footprint.

Researchers are developing AI agents capable of calculating and displaying the environmental impact of consumer electronics in real time, potentially giving shoppers instant access to sustainability information before making a purchase. The effort aims to bring the kind of emissions transparency already available in services like flight booking platforms to the world of consumer technology.

Read more
The US government just hit the brakes on Anthropic’s most powerful AI models
Anthropic disables Fable 5 and Mythos 5 after US government directive
Laptop running Claude Fable

Anthropic’s troubles with the US government do not seem to be easing. The company has now been ordered to suspend access to Fable 5 and Mythos 5 for all foreign nationals, including foreign national Anthropic employees working inside the United States.

Anthropic said it received the directive on June 12 and is disabling the two models for all customers to comply. Other Anthropic models are not affected. The government has not publicly explained the full national security concern, but Anthropic says it understands the order is linked to a reported method for bypassing, or jailbreaking, Fable 5’s safeguards.

Read more