This allowed malicious files inside the inner archive to be executed without triggering standard Windows security warnings, such as SmartScreen. Attack Sequence: User downloads a malicious file like 3sg.7z .
Be cautious of sites like 7zip.com (note the .com extension), as Malwarebytes has reported that these fake download sites distribute trojanized versions of the software that can turn your PC into a proxy node for cybercriminals. Have you to the latest version recently?
According to an article from Ars Technica , the 7-Zip utility contained a flaw that allowed attackers to bypass Windows' security feature. Key Details of the Vulnerability
Attackers used a nested archive technique (an archive inside another archive). While the outer file (like 3sg.7z ) would be flagged by Windows as downloaded from the internet, the inner archive would not inherit this "Mark of the Web" tag.