"Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9 and April 10, causing the main website to randomly display malicious links (our signed original files were not compromised)."
"The malicious installer appears to have targeted 64-bit HWMonitor users and included a fake CRYPTBASE.dll designed to blend in with legitimate Windows components."
CPUID's website experienced a security breach that redirected users to malicious downloads for approximately six hours. Tools like HWMonitor and CPU-Z were affected, with users reporting antivirus alerts and odd file names. The breach was attributed to a compromised backend component, not the software builds themselves. Investigations revealed that a secondary API was exploited, causing the main site to display harmful links. The original files remained intact and properly signed, but users who downloaded during the breach were at risk of malware infection.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]