- Fake site 7zip.com distributes malware alongside legitimate archiver download
- Victims’ Devices Assimilated into Malicious Residential Proxy Networks for Cybercrime
- Digital squatting cases jumped 68% in five years, reaching a record 6,200 disputes in 2025
7zip’s good reputation is being misused in a malware distribution campaign, tricking victims into becoming part of a malicious residential proxy network, experts have warned.
Security researchers at Malwarebytes were recently alerted to a YouTube video tutorial explaining how to build a PC. A download link for 7zip was left in the video description, but instead of the legitimate URL – 7-zip.org – the link pointed to 7zip.com.
It’s easy to be fooled, since .com is a reputable top-level domain and the website itself looks identical to the legitimate site. To make matters even worse, the files downloaded by victims also include the real 7zip archiver, which works as expected.
However, apart from the legitimate program, the download also includes a few files which, when executed, result in the deployment of malware that assimilates the device into a residential proxy network.
Access to these proxies is then leased to third-party cybercriminals. They relay their traffic through these devices, hiding their true identities and covering their tracks as they send phishing emails, leak sensitive data, engage in business email compromises, distribute malware, ransomware, and more.
At press time, the malicious website was still up and running, although our browser alerted us that it was potentially dangerous.
Digital squatting on the rise
Digital squatting is becoming increasingly popular among scammers, ruining businesses and their reputations at an unprecedented rate.
A recent study by Decodo claimed that there has been a 68% increase in such cases in half a decade, with 6,200 domain name disputes in 2025, the highest ever in the organization’s history.
Digital squatting is a type of scam in which hackers register domains imitating established brands. This can include typosquatting (registering domains that are a typo of a legitimate company, e.g. “Microsoftfot” instead of “Microsoft”), combosquatting (adding keywords to brand names, such as “microsoft-login” or “ebay-discounts”), top-level domain squatting (registering an established brand’s name under a different top-level domain, e.g. “7zip.com” when the company is on the .org domain), and homograph attacks (using visually similar characters, for example “rnicrosoft” instead of “microsoft”).
Cybercriminals can do all kinds of malicious things when they trick people into visiting their websites. They can trick them into trying to log in, stealing credentials for important services. Or, they can trick them into downloading malware, as was the case with 7zip.
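The four squatting types described above can be told apart mechanically when reviewing domains seen in DNS or proxy logs. The following Python code is an added example, not part of the original article; the allowlist, the look-alike table, the 0.8 similarity threshold and the ".com" suffix put on the article's sample names in the tests are assumptions.

```python
import difflib

# Constructed allowlist for this example: official domains of the brands named above.
LEGIT = ["7-zip.org", "microsoft.com", "ebay.com"]
# Small, non-exhaustive set of ASCII look-alike substitutions (assumption).
LOOKALIKES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))
TYPO_RATIO = 0.8  # assumed similarity threshold; tune against your own data


def split(domain):
    """'www.7zip.com' -> ('7zip', 'com'); naive, treats the last label as the TLD."""
    labels = domain.lower().strip(".").split(".")
    if len(labels) > 2 and labels[0] == "www":
        labels = labels[1:]
    return ".".join(labels[:-1]), labels[-1]


def fold(name):
    """Collapse look-alike sequences so 'rnicrosoft' compares equal to 'microsoft'."""
    for fake, real in LOOKALIKES:
        name = name.replace(fake, real)
    return name


def classify(observed, legit=LEGIT):
    """Return (squatting_type, imitated_domain) for one observed domain."""
    name, tld = split(observed)
    flat = name.replace("-", "")  # ignore hyphens: '7-zip' and '7zip' are one brand
    for good in legit:
        brand, brand_tld = split(good)
        brand_flat = brand.replace("-", "")
        if (name, tld) == (brand, brand_tld):
            return "legitimate", good
        if flat == brand_flat and tld != brand_tld:
            return "tld-squatting", good       # same brand name, different TLD
        if fold(flat) == fold(brand_flat) and flat != brand_flat:
            return "homograph", good           # differs only by look-alike characters
        if f"-{brand}-" in f"-{name}-" and name != brand:
            return "combosquatting", good      # brand plus hyphenated keyword
        if difflib.SequenceMatcher(None, flat, brand_flat).ratio() >= TYPO_RATIO:
            return "typosquatting", good       # close, but not identical, spelling
    return "unrelated", None
```

The look-alike table covers only ASCII substitutions such as the article's "rn" for "m"; internationalized (Unicode) look-alikes would need a separate confusables mapping.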
Via BeepComputer