- Fake 7zip.com site distributes malware along with legitimate archiver download
- Victim devices assimilated into malicious residential proxy networks for cybercrimes
- Cases of digital squatting increased by 68% in five years, reaching a record of 6,200 disputes in 2025
Experts have warned that 7zip’s good name is being abused in a malware distribution campaign, tricking victims into becoming part of a malicious residential proxy network.
Security researchers at Malwarebytes were recently alerted to a YouTube video tutorial explaining how to build a PC. A 7zip download link was left in the video description, but instead of the legitimate URL, 7-zip.org, the link pointed to 7zip.com.
It is easy to be fooled as .com is a reputable top-level domain and the website itself looks identical to the legitimate one. To make matters even worse, the files that victims would download also include the actual 7zip archiver, which works as intended.
Digital squatting is increasing
However, in addition to the legitimate program, the download also includes a couple of files that, when executed, result in the deployment of malware that assimilates the device into a residential proxy network.
Access to these proxy servers is then rented to third-party cybercriminals. They transmit their traffic through these devices, hiding their true identities and covering their tracks while sending phishing emails, exfiltrating sensitive data, compromising business emails, distributing malware, ransomware, and more.
At the time of writing, the malicious website was still up and running, although our browser alerted us that it was potentially unsafe.
Digital squatting is becoming increasingly popular among scammers, ruining businesses and their reputations at an unprecedented rate.
Recent research from Decodo stated that there has been a 68% increase in these cases in half a decade, with 6,200 domain name disputes in 2025, the highest number in the organization’s history.
Digital squatting is a type of scam in which hackers register domains that imitate established brands. This can include typosquatting (registering domains that are a typo of a legitimate company, for example “Microsfot” instead of “Microsoft”), combosquatting (adding keywords to brand names, such as “microsoft-login” or “ebay-discounts”), top-level domain squatting (registering an established brand's name under a different top-level domain, for example “7zip.com” when the legitimate site is on .org) and homograph attacks (using visually similar characters, for example “rnicrosoft” instead of “microsoft”).
Cybercriminals can do all kinds of malicious things once they trick people into visiting their websites. They can present a fake login page and steal credentials for important services, or they can get visitors to download malware, as was the case with 7zip.
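The four squatting patterns described above can be checked mechanically before a download link is trusted. The following Python sketch is an added example, not part of the original article; the allowlist, the look-alike folding table and the edit-distance threshold of 1 are assumptions chosen for illustration.

```python
# Added example, not from the article. KNOWN_GOOD and CONFUSABLES are constructed;
# only simple "label.tld" names are handled (no co.uk-style public suffixes).
KNOWN_GOOD = {"7-zip": "org", "microsoft": "com", "ebay": "com"}
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))

def fold(label):
    """Replace visually confusable sequences with the letter they imitate."""
    for fake, real in CONFUSABLES:
        label = label.replace(fake, real)
    return label


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(domain):
    """Return (category, brand) for a domain, or (None, None) if unrelated."""
    name, _, tld = domain.lower().rstrip(".").rpartition(".")
    label = name.split(".")[-1]  # registered label, subdomains dropped
    bare = label.replace("-", "")
    for brand, good_tld in KNOWN_GOOD.items():
        brand_bare = brand.replace("-", "")
        if label == brand and tld == good_tld:
            return ("legitimate", brand)
        if bare == brand_bare and tld != good_tld:
            return ("tld-squat", brand)      # same name, different TLD
        if fold(label) == fold(brand):
            return ("homograph", brand)      # look-alike characters
        if osa_distance(label, brand) <= 1:
            return ("typosquat", brand)      # one typo away
        if brand in label or brand_bare in bare:
            return ("combosquat", brand)     # brand plus extra keywords
    return (None, None)


if __name__ == "__main__":  # constructed sample domains
    for d in "7-zip.org 7zip.com microsfot.com microsoft-login.com rnicrosoft.com".split():
        print(d, classify(d))
```

A threshold of 1 will flag unrelated names that sit close to short brands such as "ebay", so a match is a prompt for manual review rather than a verdict.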
Via BleepingComputer




