## CPUID Website Hijacked: Legitimate HWMonitor Downloads Replaced with Malware
For six hours this week, the trusted CPUID website became a trap. Attackers hijacked a portion of its backend infrastructure, transforming legitimate download links for popular system monitoring tools like HWMonitor into a delivery mechanism for malware. Visitors seeking genuine software were instead exposed to a coin toss between the real utility and malicious payloads, including credential-stealing programs.

The breach represents a sophisticated supply-chain attack, directly compromising a trusted source for hardware information and diagnostic utilities. By targeting the CPUID domain itself, the attackers bypassed traditional security warnings that might flag downloads from unfamiliar sites. This method significantly increases the infection risk, as users are far more likely to execute a file downloaded from what they believe is the software's official homepage.

The incident underscores a critical vulnerability in the software distribution ecosystem: the security of the publisher's own web infrastructure. It serves as a stark warning for both developers and users. Developers must implement robust security controls and monitoring for their content delivery networks and download servers. For users, it highlights the persistent danger of drive-by downloads, even from historically reputable sources, and reinforces the necessity of verifying file hashes and maintaining updated endpoint security.
---
- **Source**: The Register
- **Sector**: The Lab
- **Tags**: cybersecurity, malware, supply-chain attack, software distribution, credential theft
- **Credibility**: unverified
- **Published**: 2026-04-10 13:22:38
- **ID**: 58883
- **URL**: https://whisperx.ai/en/intel/58883