Recent reports have emerged regarding two widely used hardware monitoring tools, HWMonitor and CPU-Z, raising alarms among users and cybersecurity experts alike. As individuals attempt to download the latest versions of these utilities, they are encountering unexpected installers flagged by antivirus software, suggesting a potential compromise of the download channels.
HWMonitor 1.63 and CPU-Z Download Flagged as Malware
The issue first gained traction on Reddit, where users began sharing their experiences of receiving suspicious executable files instead of the expected installers. One user, known as u/DMkiller, recounted his attempt to update HWMonitor from version 1.42 to 1.63. Upon visiting the official CPUID website, he was surprised to find the downloadable file labeled as HWiNFOMonitorSetup.exe, rather than the anticipated hwmonitor_1.62.
Upon downloading the file, Windows Defender promptly flagged it as a virus. Ignoring the warning, the user proceeded with the installation, only to find a Russian program initiating, which he was able to cancel before it fully executed. A subsequent check on Virustotal.com revealed alarming results, confirming the presence of malware.
As reports continued to surface, concerns grew regarding the potential for malware attacks to compromise user information across millions of devices. Independent cybersecurity trackers have corroborated these findings, with the security monitoring group “vx-underground” confirming that this incident is indeed serious. They identified it as a multi-stage trojanized attack originating from a compromised domain path.
Mr. Titus Tech is correct. cpuid-dot-com is indeed delivering malware right now.As I began poking this with I stick I discovered this is not your typical run-of-the-mill malware. This malware is deeply trojanized, distributes from a compromised domain (cpuid-dot-com), performs… https://t.co/ubkXmG7LKV pic.twitter.com/jPlAMmpijN— vx-underground (@vxunderground) April 10, 2026
Numerous users have reported receiving mismatched filenames and antivirus alerts, further indicating that both utilities have been compromised. Samuel Demeulemeester, the developer behind CPU-Z and HWMonitor, acknowledged the ongoing investigations. He noted that while the core binaries remain unaltered, a secondary feature or API linked to the website was compromised for approximately six hours.
Here is the small statement I sent to everyone… 😓Hi,Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9 and April 10, causing the main website to randomly display… https://t.co/ZfHRoWwkOM— Doc TB (@d0cTB) April 10, 2026
In light of these developments, users are strongly advised to refrain from downloading either utility until the malware issue is resolved. For those who have previously installed these programs, it is recommended to avoid updating them until further notice.
About the author: Sarfraz Khan is a hardware reporter with a focus on PC components and the builder community. With years of experience writing about PC hardware and laptops, his work has been featured in several reputable technology publications. Sarfraz’s hands-on experience is demonstrated through his first-person accounts of using and comparing different hardware configurations, providing practical and relatable insights for everyday users. His technical analysis is respected by peers in the enthusiast community and has been cited by specialized hardware sites such as Germany’s Igor’s Lab.
Follow Wccftech on Google to get more of our news coverage in your feeds.
