At least one 7-Zip user
January 26, 2026
•[ malware distribution, proxy botnet, domain impersonation ]
Toms Hardware reported that the unofficial domain 7-zip.com (not the official 7-zip.org) served malware-laden downloads for roughly ten days, from January 12 to January 22. The site initially displayed legitimate links, but after 2030 seconds a script swapped download links to a malicious executable, likely to evade basic automated scanning. The malwares primary described function was to install a proxy service, turning victims PCs into nodes in a proxy botnet that criminals could route traffic through to obscure their origins. This is a malware distribution campaign impacting end users rather than a single named victim organizations breach.
