Join The Club
CPUID has informed Cybernews that the issue has been resolved: "Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9th and April 10th, causing the main website to randomly display malicious links (our signed original files were not compromised). The breach was found and has since been fixed.” The original story, as reported, is below.
There are lots of great software tools out there that can tell you all kinds of things about your gaming PC, and perhaps two of the most well-known by enthusiasts are CPU-Z and HWMonitor. However, two sharp-eyed Redditors spotted that while everything seems all normal on the official download page, the links will give you files that are anything but official.
WARNING! HWMonitor 1.63 Download on the official "cpuid" page is a Virus!!! from r/pcmasterrace
In short, what look like normal download links for CPU-Z and HWMonitor, producing seemingly correct files, appear to result in your getting a file with an altered name, Russian setup language, and a different wrapper for the installation screen.
Oh, and an immediate warning from anti-virus software.
Adding to the confusion is that, instead of getting something like 'hwmonitor_1.63.exe' as your download, the file is labelled 'HWiNFO_Monitor_Setup.exe'. This has led some people to report on social media that HWInfo has been affected by malware, but this is absolutely not the case.
While I haven't used HWMonitor in a long time, I do fire up CPU-Z quite often when I'm hardware testing. For example, if I want to check what BIOS version a motherboard sample is sporting, CPU-Z can tell me that within a matter of seconds. Admittedly, so can HWInfo, it's just that the program takes longer to get going than CPU-Z does.
Worryingly, this is no simple hijack of CPUID, either. According to vx-underground, "This is not your typical run-of-the-mill malware. This malware is deeply trojanized, distributes from a compromised domain, performs file masquerading, is multi-staged, operates (almost) entirely in-memory, and uses some interesting methods to evade EDRs and/or AVs such as proxying NTDLL functionality from a .NET assembly."
"This is the same Threat Group who was masquerading FileZilla in early March, 2026. They've been busy."
Mr. Titus Tech is correct. cpuid-dot-com is indeed delivering malware right now.As I began poking this with I stick I discovered this is not your typical run-of-the-mill malware. This malware is deeply trojanized, distributes from a compromised domain (cpuid-dot-com), performs… https://t.co/ubkXmG7LKV pic.twitter.com/jPlAMmpijNApril 10, 2026
The hack vx-underground is referring to was subtle but also very devious, though it's certainly not the only instance of FileZilla (an FTP client) being the target for malware. As to who's behind all of this, that's not certain at all, but if it is indeed the same group that targeted CPUID and FileZilla, then other popular PC software tools could well be next.
Your best defence in all of this is to use a good anti-virus/malware package, keep it regularly updated, and make sure you scan any programs or compressed files that you download. In the case of common software tools, you can also try downloading several copies, from different sources, and comparing the file names, sizes, and digital signatures. If they're all legitimate, they will be identical in every respect.
1. Best gaming chair: Secretlab Titan Evo
2. Best gaming desk: Secretlab Magnus Pro XL
3. Best gaming headset: Razer BlackShark V3
4. Best gaming keyboard: Asus ROG Strix Scope II 96 Wireless
5. Best gaming mouse: Razer DeathAdder V4 Pro
6. Best PC controller: GameSir G7 Pro
7. Best steering wheel: Logitech G Pro Racing Wheel
8. Best microphone: Shure MV6 USB Gaming Microphone
9. Best webcam: Elgato Facecam MK.2
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
