CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads
Summary
A Russian-speaking threat actor compromised CPUID, the provider of the CPU-Z and HWMonitor utilities, to distribute malware. Download links were replaced so that they served trojanized versions of these legitimate tools, which embed new malware called STX RAT.
IFF Assessment
FOE
This incident represents a successful compromise of a trusted software source, enabling threat actors to distribute malware to unsuspecting users.
Defender Context
This attack highlights the importance of software supply chain security: downloading software from an official source still carries risk if that source has been compromised. Defenders should educate users about verifying software integrity and consider using application whitelisting or sandboxing for downloaded executables.