Malicious CPU-Z App Distributed Through Ads on Fake Windows News Site

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

A threat actor has been using Google Ads as a platform to distribute a tampered version of the CPU-Z tool. CPU-Z is a widely-used utility that provides information about various hardware components in a computer. CPU-Z tool is being utilized to distribute the Redline stealer. The malicious campaign aims to deceive unsuspecting users by displaying malicious ads that redirect them to a fraudulent website.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.