Apr 14, 2026 • SentinelOne
Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack
Executive Summary
On April 9, 2026, threat actors compromised the CPU-Z software supply chain, distributing trojanized binaries via the official cpuid.com domain. The attack utilized DLL sideloading involving a malicious CRYPTBASE.dll to deploy STX RAT, a sophisticated Remote Access Trojan. Despite valid digital signatures, behavioral anomalies triggered detection. STX RAT established persistence via registry keys and scheduled tasks, enabling credential theft, cryptocurrency wallet access, and hidden VNC sessions. Communication utilized DNS-over-HTTPS to evade monitoring. This incident highlights a systemic shift where trusted developer identities become attack vectors. Mitigation requires robust behavioral detection beyond signature validation, focusing on process trees and memory allocation patterns. Organizations should verify software integrity through multiple channels and monitor for anomalous child processes spawned by legitimate administrative tools. The attack remained active for 19 hours before autonomous EDR intervention halted the threat.
Summary
On April 9, 2026, cpuid.com was actively serving malware through its own official download button. Threat actors had compromised the CPUID domain at the API level and were silently redirecting legitimate download requests to attacker-controlled infrastructure. The attack ran for approximately 19 hours. Users who navigated directly to the official site received a legitimate, properly […]
Published Analysis
On April 9, 2026, cpuid.com was actively serving malware through its own official download button. Threat actors had compromised the CPUID domain at the API level and were silently redirecting legitimate download requests to attacker-controlled infrastructure. The attack ran for approximately 19 hours. Users who navigated directly to the official site received a legitimate, properly signed binary with a malicious payload bundled inside it.
That morning, SentinelOne’s behavioral detection flagged an anomaly inside cpuz_x64.exe. The binary was genuine. The digital signature was valid. The download had arrived from the vendor’s own infrastructure. The process chain cpuz_x64.exe began constructing was the tell: it spawned PowerShell, which spawned csc.exe, which spawned cvtres.exe. CPU-Z does not do that.
CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor are staples in IT toolkits. The users who downloaded them followed every instruction they’d been given. The trust chain broke above them. The next attack will work the same way.
SentinelOne’s Annual Threat Report identifies exactly this pattern as a systemic shift: “This [shift] extends deeply into the software supply chain, where the identity of a trusted developer becomes the vector of attack.”
In late 2025, we observed the GhostAction campaign, where a compromised GitHub maintainer account pushed malicious workflows to extract secrets. A concurrent phishing attack against a maintainer of popular NPM packages deployed malicious code capable of intercepting cryptocurrency transactions. In each case, the commit logs and push events appeared legitimate because they originated from accounts with valid write access. The identity was verified. The intent had been subverted.
The CPUID incident extends this pattern to software distribution itself: the supplier’s download infrastructure became the delivery channel.
What the Agent Saw
The SentinelOne agent triggered the alert “Penetration framework or shellcode was detected” within the first seconds of execution. The detection came from what the process was doing, with five specific behavioral indicators converging:
- Anomalous API resolution: The process located system functions through non-standard discovery methods, bypassing the OS loader entirely.
- Reflective code loading: Executable code was running in memory regions with no corresponding file on disk.
- Suspicious memory allocation: Read-Write-Execute (RWX) memory permissions were requested, a staging pattern for malicious payloads.
- Process injection patterns: Execution flow consistent with code being redirected into a secondary process to mask its origin.
- Heuristic shellcode signatures: Sequential operations characteristic of automated exploitation toolkits preparing an environment for command execution.
The agent autonomously terminated and quarantined the involved processes before the attack advanced further. The malicious CRYPTBASE.dll, placed in the same directory as the legitimate CPU-Z binary, was loaded by Windows before the real system DLL could be reached, and it never completed its job.
[Figure: Alert Page]
The agent was watching for what the software was trying to do. Behavioral detection is the layer that holds when authorization cannot be trusted, because the behavior reveals intent regardless of what signed the package.
[Figure: Behavioral Indicator Process Tree Event Table]
What Was Actually Inside
The trojanized packages were designed to leave no trace. A reflective PE loader decrypted and injected a second-stage DLL using XXTEA encryption and...
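As an added example (not from the SentinelOne article or product), the Python sketch below runs two checks from "What the Agent Saw" over constructed telemetry: the cpuz_x64.exe -> PowerShell -> csc.exe -> cvtres.exe chain, and a CRYPTBASE.dll load from the application's own directory. The event tuples, file paths, function names, and the build-tool allowlist are assumptions made for illustration.

```python
from ntpath import basename, dirname  # Windows path rules on any OS

# Constructed process-creation events: (pid, parent pid, image path).
PROCESS_EVENTS = [
    (200, 100, r"C:\Tools\cpu-z\cpuz_x64.exe"),
    (210, 200, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
    (220, 210, r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe"),
    (230, 220, r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe"),
    (300, 100, r"C:\BuildAgent\msbuild.exe"),
    (310, 300, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
    (320, 310, r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe"),
    (330, 320, r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe"),
]
# Constructed image-load events: (pid, module path).
IMAGE_LOADS = [
    (200, r"C:\Tools\cpu-z\CRYPTBASE.dll"),
    (300, r"C:\Windows\System32\cryptbase.dll"),
]
CHAIN = ["powershell.exe", "csc.exe", "cvtres.exe"]  # chain named in the article
BUILD_ROOTS = {"msbuild.exe", "devenv.exe"}  # assumed allowlist of roots expected to compile
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

def name(path):
    return basename(path).lower()

def find_compile_chains(events):
    """Return (pid, image name) of roots that spawned powershell -> csc -> cvtres."""
    by_pid = {pid: (ppid, image) for pid, ppid, image in events}
    hits = []
    for pid, (_, image) in by_pid.items():
        if name(image) != CHAIN[-1]:
            continue
        cur = pid
        for expected in reversed(CHAIN):  # walk upward from cvtres.exe
            parent, img = by_pid.get(cur, (None, ""))
            if name(img) != expected:
                break
            cur = parent
        else:  # every link matched; cur is now the process that started the chain
            root = by_pid.get(cur)
            if root and name(root[1]) not in BUILD_ROOTS:
                hits.append((cur, name(root[1])))
    return hits

def find_sideloads(loads, events, dll="cryptbase.dll"):
    """Flag a system DLL name loaded from the loading process's own directory."""
    app_dir = {pid: dirname(image).lower() for pid, _, image in events}
    return [(pid, path) for pid, path in loads
            if name(path) == dll and dirname(path).lower() not in SYSTEM_DIRS
            and dirname(path).lower() == app_dir.get(pid)]
```

Windows PowerShell also invokes csc.exe for legitimate scripts that compile code at run time, so the root allowlist needs tuning per environment before either check is used for alerting.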
Linked Entities
- STX RAT