CPUID site hijacked to serve malware instead of HWMonitor downloads
Summary
The CPUID website was compromised, with attackers hijacking backend systems to serve malware instead of legitimate software downloads. This six-hour breach redirected users seeking tools like HWMonitor to malicious files, including credential stealers.
IFF Assessment
This is bad news for defenders as it demonstrates how attackers can compromise trusted software download sites to distribute malware, undermining user trust and enabling widespread infection.
Defender Context
This incident highlights the persistent threat of website compromises and supply chain attacks, in which attackers use trusted platforms to distribute malicious payloads. Defenders should verify the integrity of software downloads and deploy endpoint security controls that detect and block malware even when it comes from seemingly reputable sources.