- Fake 7zip.com website distributes malware along with legitimate download of archives
- Victim devices assimilated into malicious cybercrime residential proxy networks
- Digital squatting cases up 68% in five years to reach record 6,200 disputes by 2025
The good name of 7zip is being misused in a malware distribution campaign that tricks victims into becoming part of a malicious residential proxy network, experts have warned.
Malwarebytes security researchers were recently alerted to a YouTube video tutorial explaining how to build a PC. A download link for 7zip was left in the video’s description, but instead of the legitimate URL – 7-zip.org – the link pointed to 7zip.com.
It is easy to get scammed as .com is a reputable TLD and the website itself looks identical to the legitimate one. To make matters worse, the files victims would download also include the actual 7zip archiver, which works as intended.
Digital squatting is on the rise
However, in addition to the legitimate program, the download also contains a few files that, when executed, result in the deployment of malware that assimilates the device into a home proxy network.
Access to these proxies is then leased to third-party cybercriminals. They route their traffic through these devices, hiding their true identity and covering their tracks as they send phishing emails, leak sensitive data, engage in corporate email compromise, distribute malware, ransomware and more.
At press time, the malicious website was still up and running, although our browser warned us that it was potentially unsafe.
Digital squatting is becoming increasingly popular among fraudsters, destroying businesses and their reputations at an unprecedented pace.
Recent Decodo research claimed that there has been a 68% increase in these cases in half a decade, with 6,200 domain name disputes in 2025, the highest ever in the organization’s history.
Digital squatting is a form of scam where hackers register domains that mimic established brands. It can include typosquatting (registering domains that are a typo of a legitimate company, e.g. “Microsfot” instead of “Microsoft”), combosquatting (adding keywords to brand names, such as “microsoft login” or “ebay discounts”), Top-Level Domain squatting (registering a brand's name under a different TLD, e.g. a new .com domain for an established company) and homographic attacks (using visually similar characters, for example “rnicrosoft” instead of “microsoft”).
Cybercriminals can do all sorts of malicious things when they trick people into visiting their websites. They can trick them into trying to log in and steal credentials for important services. Or they can make them download malware, as was the case with 7zip.
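For defenders reviewing DNS or proxy logs, the four squatting categories described above can be checked mechanically against a list of trusted domains. The Python below is an added example, not part of the original article; the allow-list, the confusable-character table and the distance threshold of 1 are assumptions chosen for illustration.

```python
import re

# Constructed allow-list of registrable domains the organisation trusts.
LEGIT = ("7-zip.org", "microsoft.com", "ebay.com")
# Small illustrative subset of look-alike sequences; real lists are far larger.
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))

def parts(domain):
    """Split 'name.tld'; assumes a registrable domain with a one-label TLD."""
    name, _, tld = domain.lower().rpartition(".")
    return re.sub(r"[-_]", "", name), tld   # separators ignored when comparing

def fold(name):
    """Map look-alike character sequences onto the characters they imitate."""
    for fake, real in CONFUSABLES:
        name = name.replace(fake, real)
    return name

def osa_distance(a, b):
    """Edit distance where an adjacent transposition costs 1."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            d[i][j] = min(d[i-1][j] + 1, d[i][j-1] + 1,
                          d[i-1][j-1] + (a[i-1] != b[j-1]))
            if i > 1 and j > 1 and a[i-1] == b[j-2] and a[i-2] == b[j-1]:
                d[i][j] = min(d[i][j], d[i-2][j-2] + 1)
    return d[-1][-1]

def classify(domain):
    """Return (category, matched_legit_domain) for one observed domain."""
    if domain.lower() in LEGIT:
        return "legitimate", domain.lower()
    name, tld = parts(domain)
    for legit in LEGIT:
        lname, ltld = parts(legit)
        if name == lname:                       # same brand label
            return ("tld-squat" if tld != ltld else "typosquat"), legit
        if fold(name) == fold(lname):           # visually similar characters
            return "homograph", legit
        if osa_distance(name, lname) <= 1:      # single typo or swapped letters
            return "typosquat", legit
        if lname in name:                       # brand plus extra keyword
            return "combosquat", legit
    return "unrelated", None

if __name__ == "__main__":
    for seen in ("7zip.com", "microsfot.com", "rnicrosoft.com",
                 "microsoft-login.com", "example.org"):
        print(seen, classify(seen))
```

Short brand labels such as "ebay" will produce false positives with a distance threshold of 1, so matches are best treated as leads for review rather than verdicts.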
Via Bleeping Computer



