CPU-Z, HWMonitor links serve trojanized installers
On April 9-10, 2026, users reported that CPUID’s official download flow for CPU-Z 2.19 and HWMonitor 1.63 briefly returned a malicious installer instead of the expected files, with signs like a renamed `HWiNFO_Monitor_Setup.exe`, Russian setup text, and antivirus warnings. The incident was first surfaced on Reddit and then picked up by PC Gamer, which reported that the bad links appeared to come from a compromised download path rather than the signed binaries themselves (https://old.reddit.com/r/pcmasterrace/comments/1sh4e5l/warning_hwmonitor_163_download_on_the_official/ , https://www.pcgamer.com/software/security/cpuids-download-page-has-been-hacked-with-its-popular-processor-and-pc-info-tools-replaced-with-links-to-files-containing-malware/).
Hot take: this looks like a classic supply-chain/web-hijack event, not a routine software bug.
- –The public reports point to the official CPUID download flow being the problem, with installs coming down under an unexpected filename and wrapper.
- –The timing matters: reports cluster around April 9-10, 2026, so anyone who downloaded during that window should verify what actually ran.
- –Current CPUID pages still list HWMonitor 1.63 and CPU-Z 2.19, but that does not make the affected download path trustworthy during the incident window.
- –The safest read is to treat installers pulled from the official site during the compromise window as suspect until hashes/signatures are checked.
DISCOVERED
1d ago
2026-04-10
PUBLISHED
1d ago
2026-04-10
RELEVANCE
AUTHOR
Wingy