Beware of Malicious 7ZIP on the Microsoft App Store

Hackers are exploiting the popular software 7ZIP to spread malware via the Microsoft App Store, according to cybersecurity researchers at QiAnXin. They found a fake Russian 7Zip which had gone undetected for nearly a year. The rogue package, named UTG-Q-003, fetched payloads from a remote server using Java. The hackers continually changed the payload to evade detection and steal a variety of file types. The attackers’ domains linked to Russia and Ukraine.