The practice of injecting malicious code into legitimate software and then distributing same via fake websites has been increasing over recent times and is fast evolving into one of the most significant threats facing home users.
Trojanized Version Of CPU-Z
CPU-Z is a popular free hardware information tool. Cybercriminals are promoting a version of CPU-Z they have infected with the RedLine infostealer malware and are distributing this malicious version across a dozen fake WindowsReport websites. The cybercriminals followed up by creating ads through the Google Ads network to promote their malicious version of CPU-Z.
The RedLine malware is capable of gathering sensitive data such as stored passwords, payment information, cookies, etc., and setting up fake websites under a reputable website’s moniker to distribute same not only adds a sense of legitimacy but also goes to show the level of sophistication this method of malware delivery has now achieved.
I hasten to assure you that the version of CPU-Z available via the official website and reputable download portals remains untainted and is perfectly safe.
Google Bard App Is Malware
Google Bard is an AI tool that Google released in competition with OpenAI’s ChatGPT. Scammers, allegedly based in Vietnam, are taking advantage of Google’s generative AI tool to infect unsuspecting users with dangerous malware that will steal their login credentials via malicious apps under the “Bard” name.
The key point here is that the genuine Google Bard is only available in browsers and requires a Google account. Apparently, Google is aware of this situation and is currently taking legal action to take down these malicious apps. However, in the meantime, the scammers remain openly active. So, do NOT install any app that purports to be associated with Google Bard.
BOTTOM LINE:
As continually advised here on DCT, always download your software from a reputable source – either directly from the developer’s website or from a reputable download portal.
Stay safe out there!
—
Thanks for the warning Jim. I use this software and am usually careful to try to download most stuff from the original sources but occasionally I download from sites like MajorGeeks. They appear to be a very responsible site and clearly malware check their software and I have never had an issue there but for CPUZ I will definitely make sure I use the original for the next update.
Cheers
Reg
Jim,
Thanks, It’s one of the main reasons I choose to read DavesComputerTips is to be alerted to these types behaviors on the internet.
Thanks Again!
You are most welcome guys.
REG: MajorGeeks is one of the trustworthy download portals and the one I always head to if I cannot download direct from the developer.
https://davescomputertips.com/the-best-freeware-download-sites/
Fortunately, My old version of CPU-Z was at least 3 years old and the one I JUST installed with my new MoBo was the one from MSI. I don’t allow anything I am not forced to have from Giggle. Those people are criminals in my mind.
Hello Jim and thanks for the heads up. For those who are/were unaware of those threats, would not most a/v”s detect and protect users? The RedLine malware is not new, unless like Covid virus, it has mutated, Mindblower!
Hey MB,
Yes, an effective AV should identify and block the RedLine malware, “should” being the operative word. However, this is only one example of this expanding method of malware delivery and the point of the article is to remind users to download their software only from known reputable sources.