CPUID Website Hacked, Users Infected with Malware from Popular Utilities

Severity: High (Score: 69.0)

Sources: Cybersecuritynews, Cybernews

Summary

The CPUID website was compromised for approximately six hours between April 9th and April 10th, 2026, leading to the distribution of malware through downloads of HWMonitor and CPU-Z. Users reported that downloading the software resulted in infections with trojanized installers, which were capable of evading antivirus detection and establishing connections to attacker-controlled infrastructure. The malicious files were confirmed by VirusTotal, flagged by at least 32 security vendors as trojans. CPUID's founder, Franck Delattre, was reportedly on leave during the attack, raising suspicions about the timing. The company has since fixed the breach, but the website remains unavailable. Security experts advise users to avoid unverified installers and to verify file hashes before downloading. Users who downloaded the infected software should assume their sensitive data may be compromised. Investigations into the incident are ongoing. Key Points: • CPUID's website was hacked, distributing malware through legitimate software downloads. • Malware evaded detection by executing in memory and connecting to attacker-controlled servers. • Users are advised to verify hashes and avoid unverified installers to mitigate risks.

Key Entities

• Malware (attack_type)
• Supply Chain Attack (attack_type)
• Trojan (attack_type)
• Cpuid (company)
• cpuid.com (domain)
• T1071 - Application Layer Protocol (mitre_attack)
• Windows (platform)