CPUID breach taints official CPU-Z and HWMonitor downloads with trojanized HWiNFO variant
TL;DR Summary
A CPUID API breach briefly redirected CPU-Z and HWMonitor download links to a trojanized HWiNFO variant, delivered via HWiNFO_Monitor_Setup with DLL sideloading and a C2 connection. The attack lasted about six hours (Apr 9–10), affecting roughly 150 users and some organizations; targeted products included CPU-Z 2.19, HWMonitor Pro 1.57, HWMonitor 1.63, and PerfMonitor 2.04. CPUID says clean installers are now served; users should download only from official CPUID sources and verify signatures to avoid future tampering.
- CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads BleepingComputer
- HWMonitor and CPU-Z developer CPUID breached by unknown attackers — cyberattack forced users to download malware instead of valid apps for six hours Tom's Hardware
- CPUID compromise: users got malware with HWMonitor and CPU-Z tools Cybernews
- Official CPU-Z And HWMonitor Installers Infected With Malware After Site Breach HotHardware
- Security PSA: Popular Tools CPU-Z and HWMonitor Were Briefly Compromised TechPowerUp
Reading Insights
Total Reads
0
Unique Readers
7
Time Saved
4 min
vs 5 min read
Condensed
92%
964 → 76 words
Want the full story? Read the original article
Read on BleepingComputer