Fake 7-Zip Installers Used to Build Residential Proxy Botnet
Security researchers have identified an ongoing campaign operated by a threat actor known as Lurking Lizard, which distributes trojanized versions of the popular 7-Zip archiving software. Victims who download installers from the malicious domain 7zip[.]com instead of the legitimate 7-zip[.]org unknowingly install malware that converts their systems into residential proxy nodes.
The malware allows third parties to route internet traffic through compromised devices, effectively turning victim systems into part of a commercial proxy network. Researchers have linked the activity to a wider ecosystem involving fake VPNs, counterfeit proxy services, fraudulent review websites, and more than 230 lookalike domains used for malware distribution and monetisation.