Security

6802 readers

1 users here now

Confidentiality Integrity Availability

founded 6 years ago

MODERATORS

gary_host_laptop@lemmy.ml

Fake 7-Zip downloads are turning home PCs into proxy nodes (www.malwarebytes.com)

submitted 2 days ago by Zerush@lemmy.ml to c/security@lemmy.ml

6 comments fedilink hide all child comments

top 6 comments

sorted by: hot top controversial new old

[–] onlooker@lemmy.ml 9 points 2 days ago

Following a YouTube tutorial for a new build, they were instructed to download 7‑Zip from 7zip[.]com, unaware that the legitimate project is hosted exclusively at 7-zip.org.

My heart goes out to the poor, unsuspecting new PC owner and at the same time: fuck YouTube tutorials. It's basically Russian roulette: either the information is solid or you get shit like this. YouTube doesn't vet videos, nor does it have any interest in doing so, unless profits are somehow involved.

[–] WagnasT@piefed.world 6 points 2 days ago

So the threat actors squatted on a similar domain name and sent malicious 7zip installers. namecheap is the registrar for the offending domain, abuse@namecheap.com is the appropriate place to report this crap.

[–] Sphere@hexbear.net 2 points 2 days ago (2 children)

This is why ninite.com is and will always be the correct way to install basic software on a fresh PC

[–] Zerush@lemmy.ml 1 points 1 day ago

I never download apps from other than the official homepage or from sites linked from these. This case is by download 7-Zip from a fake homepage, not from the real one. This can happen when you use a third party download page, even if Ninite is normally a trustworth site.

[–] Luffy879@lemmy.ml 2 points 2 days ago (1 children)

Correction: your central repository (or winget if you're a win snob

[–] Sphere@hexbear.net 1 points 2 days ago

Yes, go ahead and keep telling ordinary people to use a terminal, I'm sure they'll come around any day now...