Malicious 7-Zip Installers Exploit Devices as Residential Proxy Nodes
A threat actor known as Lurking Lizard has been using trojanized 7-Zip installers to recruit devices into a residential proxy botnet, leveraging over 230 lookalike domains. The campaign involves impersonating legitimate proxy providers, distributing malware through fake apps, and exploiting domain abuse to monetize compromised devices.
Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains.
The activity dates back to at least August 2022, according to DNS threat intelligence firm Infoblox. Once such campaign, observed earlier this year, involved the
*** END OF TRANSMISSION ***