A critical supply chain compromise has impacted the distribution infrastructure of the CPUID project. Attackers gained unauthorized access to an internal API and successfully modified download links on the official website to serve malicious versions of the widely used CPU-Z and HWMonitor utilities.
The malicious installers were configured to deploy a second-stage infostealer designed to harvest browser credentials, session cookies, and cryptocurrency wallet data from developer and administrator workstations. Because these tools are frequently used by system administrators to profile server hardware, the potential for high-value credential theft across enterprise environments is significant.
This incident underscores the fragility of software distribution trust models that rely on centralized APIs. Even when a website remains visually intact, the underlying data feeds that generate download links can be weaponized to deliver malware through officially verified channels.
– Verify the checksums of any CPU-Z or HWMonitor installers downloaded between April 9 and April 10.
– Conduct a forensic audit of any system where these tools were installed or updated during the infection window.
– Rotate all administrative and cloud service credentials present on any workstation that executed the malicious binaries.
– Implement strict application whitelisting and enforce code integrity checks for all system profiling tools.
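An added triage helper for the first two recommendations above (example code, not CPUID's tooling or code from the original post): it walks a directory for CPU-Z and HWMonitor installers whose modification time falls inside the April 9 to April 10 window and compares each file's SHA-256 against a set of vendor-published hashes. The known-good hashes, the year of the window, and the sample file names are placeholders the reader must replace.

```python
"""Find CPU-Z / HWMonitor installers written inside the compromise window
and flag any whose SHA-256 is not on the vendor-published list.
Known-good hashes and the window's year are placeholders (assumptions)."""
import hashlib
import os
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Case-insensitive file-name prefixes of the two affected utilities.
INSTALLER_PREFIXES = ("cpu-z", "hwmonitor")


def sha256_of(path):
    """Stream the file so large installers do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def triage_installers(root, window_start, window_end, known_good):
    """Return {path: 'ok' | 'MISMATCH'} for installers modified in the window."""
    results = {}
    for p in Path(root).rglob("*"):
        if not p.is_file() or not p.name.lower().startswith(INSTALLER_PREFIXES):
            continue
        mtime = datetime.fromtimestamp(p.stat().st_mtime, tz=timezone.utc)
        if not (window_start <= mtime <= window_end):
            continue  # outside the infection window; not in scope
        results[str(p)] = "ok" if sha256_of(p) in known_good else "MISMATCH"
    return results


def demo():
    """Constructed sample: clean, tampered and out-of-window installers."""
    utc = timezone.utc
    start, end = datetime(2025, 4, 9, tzinfo=utc), datetime(2025, 4, 10, 23, 59, 59, tzinfo=utc)
    in_window = datetime(2025, 4, 9, 12, tzinfo=utc).timestamp()
    before = datetime(2025, 4, 1, tzinfo=utc).timestamp()
    clean = b"CONSTRUCTED clean installer bytes"
    known_good = {hashlib.sha256(clean).hexdigest()}  # stands in for vendor hashes
    with tempfile.TemporaryDirectory() as d:
        for name, data, ts in (("cpu-z_sample.exe", clean, in_window),
                               ("HWMonitor_sample.exe", b"CONSTRUCTED tampered bytes", in_window),
                               ("cpu-z_old.exe", clean, before)):
            path = os.path.join(d, name)
            with open(path, "wb") as f:
                f.write(data)
            os.utime(path, (ts, ts))
        found = triage_installers(d, start, end, known_good)
    return {Path(k).name: v for k, v in found.items()}
```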
The targeting of hardware utilities represents a strategic move to compromise the very tools used by IT professionals for infrastructure management. #CodeDefence #SupplyChain #CPUID #Malware
