Beware, this fake site offers up a malicious 7-Zip installer laced with malware


  • Fake 7zip.com site distributes malware alongside legitimate archiver download
  • Victims’ devices assimilated into malicious residential proxy networks for cybercrime
  • Digital squatting cases surged 68% in five years, hitting record 6,200 disputes in 2025

The good name of 7zip is being abused in a malware distribution campaign, tricking victims into becoming part of a malicious residential proxy network, experts have warned.

Security researchers from Malwarebytes were recently alerted to a YouTube video tutorial explaining how to build a PC. A download link for 7zip was left in the video’s description, but instead of the legitimate URL - 7-zip.org - the link pointed towards 7zip.com.

It’s easy to get tricked, since .com is a reputable top-level domain, and the website itself looks identical to the legitimate one. To make matters even worse, the files the victims would download also include the actual 7zip archiver, which works as intended.

Digital squatting on the rise

However, besides the legitimate program, the download also includes a couple of files which, when executed, result in the deployment of malware that assimilates the device into a residential proxy network.

Access to these proxies is then rented out to third-party cybercriminals. They relay their traffic through these devices, hiding their true identities and covering their tracks as they send phishing emails, leak sensitive data, and engage in business email compromise, malware distribution, ransomware, and more.

At press time, the malicious website was still up and running, although our browser did alert us that it was potentially unsafe.

Digital squatting is getting increasingly popular among scammers, ruining businesses and their reputations at an unprecedented pace.

Recent Decodo research claimed there has been a 68% increase in these cases in half a decade, with 6,200 domain name disputes in 2025, the highest ever in the organization’s history.

Digital squatting is a type of scam in which hackers register domains mimicking established brands. That can include typosquatting (registering domains that are a typo of a legitimate business, for example “Microsfot” instead of “Microsoft”), combosquatting (adding keywords to brand names, such as “microsoft-login”, or “ebay-discounts”), Top-Level Domain squatting (registering a new domain for an established brand, for example “7zip.com” when the company is on the .org domain), and homograph attacks (using visually similar characters, for example “rnicrosoft” instead of “microsoft”).
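A defensive check built on the four categories above, as an added example that is not part of the original article: it classifies a domain seen in a link or web log against a list of known-good domains. The brand list, the look-alike table, the function names and the restriction to two-label domains are all assumptions made for illustration.

```python
# Added example: classify a domain against a known-good list (constructed data).
BRANDS = {"7-zip.org", "microsoft.com", "ebay.com"}   # assumed allowlist
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]  # small sample table

def split(domain):
    """Split a two-label domain such as 'example.com' into (label, tld)."""
    label, _, tld = domain.lower().strip(".").rpartition(".")
    return label, tld

def skeleton(label):
    """Fold look-alike character sequences to one canonical form."""
    for seq, canon in CONFUSABLES:
        label = label.replace(seq, canon)
    return label

def edit_distance(a, b):
    """Optimal string alignment distance: a swap of adjacent letters costs 1."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            d[i][j] = min(d[i-1][j] + 1, d[i][j-1] + 1,
                          d[i-1][j-1] + (a[i-1] != b[j-1]))
            if i > 1 and j > 1 and a[i-1] == b[j-2] and a[i-2] == b[j-1]:
                d[i][j] = min(d[i][j], d[i-2][j-2] + 1)
    return d[-1][-1]

def classify(domain):
    """Return (category, matched_brand) for one candidate domain."""
    if domain.lower().strip(".") in BRANDS:
        return ("legitimate", domain.lower().strip("."))
    label, tld = split(domain)
    for brand in sorted(BRANDS):
        blabel, btld = split(brand)
        if label.replace("-", "") == blabel.replace("-", "") and tld != btld:
            return ("tld-squat", brand)       # same name, different TLD
        if label != blabel and skeleton(label) == skeleton(blabel):
            return ("homograph", brand)       # visually identical after folding
        if label != blabel and f"-{blabel}-" in f"-{label}-":
            return ("combosquat", brand)      # brand plus hyphenated keyword
        if edit_distance(label, blabel) == 1:
            return ("typosquat", brand)       # one typo away from the brand
    return ("no-match", None)

if __name__ == "__main__":
    for d in ["7-zip.org", "7zip.com", "microsfot.com", "microsoft-login.com",
              "ebay-discounts.com", "rnicrosoft.com", "example.org"]:
        print(f"{d:22} {classify(d)}")
```

A production version would use the Public Suffix List to find the registrable domain and a full Unicode confusables table instead of the four pairs shown here.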

Cybercriminals can do all sorts of malicious things when they trick people into visiting their websites. They can get them to try and log in, stealing credentials for important services. Or, they can get them to download malware, as was the case with 7zip.

Via BleepingComputer



Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
