Between April 9 and April 10, 2026, the official website for CPUID—a popular diagnostic tool developer—was hijacked. Threat actors successfully replaced legitimate software downloads with trojanized versions designed to deliver the dangerous STX Remote Access Trojan (RAT).
The STX RAT is a powerful piece of malware capable of stealing a variety of sensitive data, including browser credentials and cookies, cryptocurrency wallets, and FTP client credentials. Because users believed they were downloading official, trusted software, the attack effectively bypassed many standard security precautions.
How to check if you’re affected
If you downloaded any software from the CPUID website between April 9 and April 10, 2026, you may be compromised.
- Scan your system: Immediately run a full system scan using a reputable and updated antivirus or anti-malware solution.
- Monitor accounts: Check for any suspicious activity on your online accounts, especially those related to cryptocurrency or FTP access.
- Change passwords: As a precaution, consider changing passwords for critical accounts and ensure multi-factor authentication (MFA) is enabled wherever possible.
- Re-download: If you need CPUID software, ensure you download it directly from the official source now that the issue has been reported, and verify file hashes if provided.