Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
Overview
Researchers have identified a new cyber threat group known as Lurking Lizard, which has been running a malicious residential proxy service since at least August 2022. This operation utilizes over 230 fake domains that mimic legitimate software, specifically targeting users looking to download 7-Zip, a popular file compression tool. Instead of the genuine software, unsuspecting users end up installing a malicious version that turns their devices into proxy nodes. This not only compromises the users' systems but also allows the attackers to route internet traffic through these hijacked devices, potentially masking their own activities. The scale of this operation raises concerns about user privacy and the security of the internet at large.
Key Takeaways
- Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
- Affected Systems: 7-Zip software, residential devices
- Action Required: Users should download software only from official websites and verify the authenticity of downloads.
- Timeline: Ongoing since August 2022
Original Article Summary
Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains. The activity dates back to at least August 2022, according to DNS threat intelligence firm Infoblox. Once such campaign, observed earlier this year, involved the
Impact
7-Zip software, residential devices
Exploitation Status
This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.
Timeline
Ongoing since August 2022
Remediation
Users should download software only from official websites and verify the authenticity of downloads. Regularly update security software to detect and remove potential threats.
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to Malware.