CPUID Website Breach Serves Malware via CPU-Z and HWMonitor Downloads

CPUID Website Breach Serves Malware via CPU-Z and HWMonitor Downloads

First seen 10 Apr 2026, 09:16 UTC CybernewsCybersecuritynewsTheregisterBleepingcomputerOverclock3D+14 88% similarity 68.2

Article Content

Browse articles
ThreatCluster

The CPUID website was compromised for approximately six hours between April 9 and April 10, 2026, allowing attackers to hijack download links for popular utilities CPU-Z and HWMonitor. Users who attempted to download these tools received trojanized installers, specifically a file named 'HWiNFO_Monitor_Setup.exe,' which triggered antivirus alerts. The malware is designed to steal sensitive data, including browser credentials, and employs advanced evasion techniques to bypass detection. CPUID confirmed that the original software files were not compromised, but the attack exploited a secondary API feature. Security researchers noted that the malicious downloads were flagged by multiple antivirus engines. The breach has since been fixed, and CPUID is now serving clean versions of the software. Users are advised to check for any installations during the attack period and take necessary precautions.

Key Points: • CPUID's website was compromised for six hours, serving malware to users downloading CPU-Z and HWMonitor. • The malware, disguised as legitimate software, is designed to steal sensitive data and evade detection. • CPUID has fixed the breach and is now providing clean downloads, but users are urged to secure their systems.

ThreatCluster AI

Timeline

2026-04-09
Attackers compromised CPUID website API to serve malware.
2026-04-10
Users reported receiving trojanized installers from CPUID.
2026-04-10
CPUID confirmed the breach and fixed the issue.

Community

Browse all →