CPUID Website Compromised: CPU-Z and HWMonitor Serve Malware

CPUID, the French software company behind popular hardware monitoring tools such as CPU-Z and HWMonitor, was reportedly compromised and used to distribute malware to its user base. By breaching a secondary API, an unknown party altered the company’s main website for approximately six hours between April 9th and April 10th, redirecting legitimate update requests to a malicious domain. Users attempting to download software updates received a deeply trojanized installer, such as “HWiNFO_Monitor_Setup.exe”, which used a file named CRYPTBASE.dll to masquerade as a legitimate Windows library. The multi-staged malware, which shares infrastructure with a previous FileZilla campaign, operates entirely in memory to evade detection and deploy an info-stealer. CPUID has confirmed the incident and stated that the vulnerability has been fixed.

The data allegedly targeted by the distributed malware includes:

  • Browser credentials

  • User passwords

  • Cryptocurrency wallets
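For defenders, the CRYPTBASE.dll masquerade described above can be hunted for in image-load telemetry. The following is an added example, not code from the article or from CPUID. It assumes records shaped like Sysmon Event ID 7 (ImageLoad) fields, a default `C:\Windows` install, and that the rogue DLL is loaded from outside the Windows system directories; the sample events are constructed.

```python
import ntpath

# Directories where the genuine Windows cryptbase.dll is expected
# (assumption: default C:\Windows installation path).
TRUSTED_DIRS = (
    r"c:\windows\system32",
    r"c:\windows\syswow64",
    r"c:\windows\winsxs",
)
WATCHED_DLL = "cryptbase.dll"  # file name taken from the article


def is_trusted_location(path):
    """True if path sits in or under one of the trusted system directories."""
    # normpath collapses "..", normcase lowercases and unifies separators.
    folder = ntpath.normcase(ntpath.normpath(ntpath.dirname(path)))
    return any(folder == d or folder.startswith(d + "\\") for d in TRUSTED_DIRS)


def find_sideloads(events):
    """Return events where cryptbase.dll was loaded from an untrusted directory."""
    hits = []
    for ev in events:
        loaded = ev["ImageLoaded"]
        if ntpath.basename(loaded).lower() != WATCHED_DLL:
            continue
        if not is_trusted_location(loaded):
            hits.append(ev)
    return hits


# Constructed sample records using Sysmon Event ID 7 field names.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\svchost.exe",
     "ImageLoaded": r"C:\Windows\System32\cryptbase.dll"},
    {"Image": r"C:\Users\alice\Downloads\HWiNFO_Monitor_Setup.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\CRYPTBASE.dll"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\is-ABC12.tmp\setup.tmp",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\is-ABC12.tmp\CryptBase.DLL"},
    # A path that only looks like System32 until ".." is resolved.
    {"Image": r"C:\Tools\app.exe",
     "ImageLoaded": r"C:\Windows\System32\..\Temp\cryptbase.dll"},
    {"Image": r"C:\Program Files\App\app.exe",
     "ImageLoaded": r"C:\Windows\SysWOW64\cryptbase.dll"},
]

if __name__ == "__main__":
    for ev in find_sideloads(SAMPLE_EVENTS):
        print(f"suspicious load: {ev['Image']} -> {ev['ImageLoaded']}")
```

A hit is a lead for triage rather than proof of compromise; checking the loaded file's signature and hash is the natural next step.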

Source: Daily Dark Web

Author: VolkAI