CPUID Breach: STX RAT Distributed via Trojanized Downloads – Veri Sızıntısı

CPUID Breach Distributes STX RAT Through Trojanized CPU-Z and HWMonitor Downloads

CPUID's official download infrastructure was compromised, leading to the distribution of the STX Remote Access Trojan (RAT) through malicious versions of CPU-Z and HWMonitor. Users who downloaded these compromised files are at significant risk of unauthorized system access, data theft, and further malicious activities.

CPUID Breach Leads to STX RAT Distribution

A recent cyberattack targeting CPUID, a prominent developer of system utility software, has resulted in the compromise of their official download channels. Malicious actors successfully trojanized legitimate software packages, specifically CPU-Z and HWMonitor, embedding the STX Remote Access Trojan (RAT) within them. This incident poses a severe threat to users who may have downloaded these compromised versions.

Understanding the Attack Vector

The attackers managed to infiltrate CPUID's systems, altering the official download files for CPU-Z and HWMonitor. When unsuspecting users downloaded and installed these seemingly legitimate utilities, they unknowingly executed the embedded STX RAT. This method, often referred to as a supply chain attack, leverages the trust users place in official software distributors.

What is STX RAT?

The STX RAT is a sophisticated piece of malware designed to grant attackers extensive control over a compromised system. Its capabilities typically include:

  • Remote Control: Attackers can remotely access and manipulate the infected computer.
  • Data Theft: Sensitive information such as login credentials, financial data, personal documents, and cryptocurrency wallets can be exfiltrated.
  • Keylogging: Recording of keystrokes to capture passwords and other typed information.
  • Screen Captures: Taking screenshots or recording screen activity.
  • Webcam/Microphone Access: Covertly activating the device's camera and microphone.
  • Further Malware Deployment: The ability to download and execute additional malicious payloads.

The presence of STX RAT on a system can lead to severe privacy breaches, financial loss, and identity theft.

Impact and User Recommendations

Users who downloaded CPU-Z or HWMonitor from CPUID's official website around the time of the breach (as reported on April 12, 2026) are advised to take immediate action. It is crucial to:

  • Disconnect from the Internet: To prevent further communication with command-and-control servers.
  • Scan for Malware: Use reputable antivirus and anti-malware software to conduct a full system scan.
  • Change Passwords: Especially for critical accounts accessed from the potentially compromised system. Use unique, strong passwords and enable multi-factor authentication (MFA).
  • Verify Software Integrity: Always download software from official sources and, if available, verify file hashes or digital signatures.
  • Reinstall Operating System: For high-risk individuals or those unable to confidently remove the threat, a clean reinstallation of the operating system is the safest course of action.
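
The hash and signature verification recommended above, as an added PowerShell example that is not from the original article or from CPUID: it lists CPU-Z and HWMonitor downloads with their SHA-256, Authenticode status and recorded download URL. The search folder, the file-name patterns and the `$KnownGood` table (empty until you fill it with values from a source you trust) are assumptions.

```powershell
# Added example: triage downloaded CPU-Z / HWMonitor files by hash, signature and origin.
# Assumptions: the search folder, the file-name patterns, and the $KnownGood table.
param([string]$SearchRoot = "$env:USERPROFILE\Downloads")

# SHA-256 values from a source you trust. Placeholder only: fill in before use.
$KnownGood = @{
    # 'example-installer.exe' = '<SHA256-FROM-TRUSTED-SOURCE>'
}
$patterns = '*cpu-z*', '*cpuz*', '*hwmonitor*'   # assumed naming, adjust as needed

Get-ChildItem -Path $SearchRoot -Recurse -File -Include $patterns -ErrorAction SilentlyContinue |
    Where-Object { $_.Extension -in '.exe', '.msi', '.zip' } |
    ForEach-Object {
        $file = $_
        $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash

        # Authenticode applies to signed binary formats, not to archives.
        $sigStatus = 'n/a'; $signer = $null
        if ($file.Extension -ne '.zip') {
            $sig = Get-AuthenticodeSignature -LiteralPath $file.FullName
            $sigStatus = [string]$sig.Status
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
        }

        # Browsers record the download URL in the Zone.Identifier alternate data stream.
        $origin = Get-Content -LiteralPath $file.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue |
            Where-Object { $_ -like 'HostUrl=*' } |
            ForEach-Object { $_.Substring(8) }

        $verdict = if ($KnownGood.ContainsKey($file.Name)) {
            if ($KnownGood[$file.Name] -eq $hash) { 'hash matches trusted value' }
            else { 'HASH MISMATCH: treat as compromised' }
        } elseif ($sigStatus -notin 'Valid', 'n/a') {
            'unsigned or invalid signature: review'
        } else {
            'no trusted hash on file: compare manually'
        }

        [pscustomobject]@{
            File       = $file.FullName
            Downloaded = $file.CreationTime
            SHA256     = $hash
            Signature  = $sigStatus
            Signer     = $signer
            Origin     = $origin
            Verdict    = $verdict
        }
    } | Format-List
```

A `Valid` signature only shows the file is unchanged since it was signed; it does not establish that the signed build itself was clean, so comparison against a trusted hash is the stronger check.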

CPUID has not yet released official statements regarding the full extent of the breach or remediation steps. Users should monitor official channels for updates.

Source

https://thehackernews.com/2026/04/cpuid-breach-distributes-stx-rat-via.html
