Beware, this fake site offers up a malicious 7-Zip installer laced with malware

It sounds incredible, but .com is not 7zip's official website

News By Sead Fadilpašić published 11 February 2026

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads
• Email

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Get the TechRadar Newsletter

Sign up for breaking news, reviews, opinion, top tech deals, and more.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

An account already exists for this email address, please log in. Subscribe to our newsletter

• Fake 7zip.com site distributes malware alongside legitimate archiver download
• Victims’ devices assimilated into malicious residential proxy networks for cybercrime
• Digital squatting cases surged 68% in five years, hitting record 6,200 disputes in 2025

The good name of 7zip is being abused in a malware distribution campaign, tricking victims into becoming part of a malicious residential proxy network, experts have warned.

Security researchers from Malwarebytes were recently alerted to a YouTube video tutorial explaining how to build a PC. A download link for 7zip was left in the video’s description, but instead of the legitimate URL - 7-zip.org - the link pointed towards 7zip.com.

It’s easy to get tricked, since .com is a reputed top-level domain, and the website itself looks identical to the legitimate one. To make matters even worse, the files the victims would download also include the actual 7zip archiver, which works as intended.

Digital squatting on the rise

However, besides the legitimate program, the download also includes a couple of files which, when executed, result in the deployment of malware that assimilates the device into a residential proxy network.

Access to these proxies is then rented out to third-party cybercriminals. They relay their traffic through these devices, hiding their true identities, and covering their tracks as they send phishing emails, leak sensitive data, engage in business email compromise, malware distribution, ransomware, and more.

At press time, the malicious website was still up and running, although our browser did alert us that it was potentially unsafe.

Digital squatting is getting increasingly popular among scammers, ruining businesses and their reputations at an unprecedented pace.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors