PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Infrastructure


Cybersecurity researchers have unveiled a sophisticated credential theft framework named PCPJack, which specifically targets exposed cloud infrastructures. This new threat not only aims to harvest sensitive credentials but also seeks to eliminate any remnants of the notorious TeamPCP from compromised environments.

The Mechanics of PCPJack

According to Alex Delamotte, a security researcher at SentinelOne, the PCPJack toolset is engineered to extract credentials for cloud, container, developer, productivity, and financial services. The stolen data is exfiltrated through attacker-controlled infrastructure, while the framework attempts to propagate itself to additional hosts. This capability allows PCPJack to spread in a worm-like manner, facilitating lateral movement within compromised networks.

The primary objective of this cloud attack campaign appears to be generating illicit revenue for the threat actors. This could be achieved through credential theft, fraud, spam, extortion, or the resale of stolen access.

Overlaps with TeamPCP

The emergence of PCPJack is particularly noteworthy due to its significant overlap with TeamPCP, a threat actor that gained notoriety in late 2025 for exploiting known vulnerabilities and misconfigurations in cloud services. TeamPCP’s tactics involved enlisting endpoints into an ever-expanding network for data theft and other post-exploitation activities.

Interestingly, PCPJack does not incorporate a cryptocurrency mining component, which was a hallmark of TeamPCP’s operations. While the rationale behind this omission remains unclear, the similarities between the two frameworks suggest that PCPJack may be the work of a former TeamPCP member familiar with the group’s methodologies.

Technical Architecture of PCPJack

The attack begins with a bootstrap shell script designed to prepare the environment. This script configures the payload host and downloads subsequent tooling while simultaneously infecting its own infrastructure. It is also responsible for terminating processes associated with TeamPCP, installing Python, establishing persistence, and launching the orchestration script.

The PCPJack framework comprises six primary Python payloads:

  1. worm.py (stored as monitor.py): This is the main orchestrator responsible for launching modules, conducting local credential theft, and propagating the toolset to other hosts by exploiting known vulnerabilities, including CVE-2025-55182, CVE-2025-29927, CVE-2026-1357, CVE-2025-9501, and CVE-2025-48703. It utilizes Telegram for command-and-control (C2) communications.

  2. parser.py (utils.py): This module handles credential extraction, categorizing stolen keys and secrets.

  3. lateral.py (_lat.py): This payload facilitates reconnaissance, secret harvesting, and lateral movement across various services, including SSH, Kubernetes, Docker, Redis, RayML, and MongoDB.

  4. crypto_util.py (_cu.py): This module encrypts credentials before they are exfiltrated to the attacker’s Telegram channel.

  5. cloud_ranges.py (_cr.py): This payload collects IP address ranges assigned to major cloud providers such as Amazon Web Services (AWS), Google Cloud, Microsoft Azure, Cloudflare, CloudFront, and Fastly, refreshing the data every 24 hours.

  6. cloud_scan.py (_csc.py): This script conducts cloud port scanning to facilitate external propagation via Docker, Kubernetes, MongoDB, RayML, or Redis services.

Propagation targets for the orchestrator script are sourced from parquet files obtained directly from Common Crawl, a non-profit organization that archives web data for public use.
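As an added defender-side example (not code from the report or from SentinelOne), the following hunt script looks for the on-disk names the six payloads are reported to use. Because monitor.py and utils.py are common filenames on their own, it only reports a directory when several of the renamed modules sit together; the sample file listing is constructed for illustration.

```python
import os
from collections import defaultdict

# On-disk name -> original payload name, as reported for the PCPJack modules.
PCPJACK_ARTIFACTS = {
    "monitor.py": "worm.py",
    "utils.py": "parser.py",
    "_lat.py": "lateral.py",
    "_cu.py": "crypto_util.py",
    "_cr.py": "cloud_ranges.py",
    "_csc.py": "cloud_scan.py",
}


def find_pcpjack_artifacts(paths, min_hits=2):
    """Group artifact-name matches by directory and return only the
    directories holding at least min_hits distinct PCPJack-style names.
    Co-location is the signal: a lone monitor.py or utils.py is noise."""
    by_dir = defaultdict(set)
    for path in paths:
        directory, base = os.path.split(path)
        if base in PCPJACK_ARTIFACTS:
            by_dir[directory].add(base)
    return {d: sorted(names) for d, names in by_dir.items() if len(names) >= min_hits}


# Constructed sample listing (hypothetical paths, not taken from a real host).
SAMPLE_PATHS = [
    "/home/app/src/utils.py",      # legitimate project helper, single hit
    "/home/app/src/models.py",
    "/tmp/.x/monitor.py",          # full PCPJack drop in one hidden directory
    "/tmp/.x/utils.py",
    "/tmp/.x/_lat.py",
    "/tmp/.x/_cu.py",
    "/tmp/.x/_cr.py",
    "/tmp/.x/_csc.py",
    "/var/lib/monitor.py",         # single generic name, not reported
]

if __name__ == "__main__":
    for directory, names in find_pcpjack_artifacts(SAMPLE_PATHS).items():
        originals = ", ".join(f"{n} ({PCPJACK_ARTIFACTS[n]})" for n in names)
        print(f"{directory}: {len(names)} PCPJack-style modules: {originals}")
```

To run this against a live host, feed it the output of a filesystem walk (for example `os.walk` over /tmp, /var/tmp and home directories) instead of SAMPLE_PATHS.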

Focus on TeamPCP’s Activities

When exfiltrating system information and credentials, PCPJack operators even track success metrics regarding whether TeamPCP has been evicted from targeted environments. This is indicated by a “PCP replaced” field sent to the C2, suggesting a deliberate focus on undermining the activities of TeamPCP rather than engaging in opportunistic cloud attacks.

Further analysis of PCPJack’s infrastructure has revealed another shell script, check.sh, which detects the CPU architecture and retrieves the matching Sliver binary. This script also scans Instance Metadata Service (IMDS) endpoints, Kubernetes service accounts, and Docker instances for credentials associated with various services, including Anthropic, DigitalOcean, Discord, Google API, Grafana Cloud, HashiCorp Vault, 1Password, and OpenAI, transmitting the gathered information to an external server.

Conclusion

The PCPJack framework exemplifies a well-developed toolset that indicates a preference for modular coding, despite some behavioral redundancies. Notably, this campaign does not deploy cryptocurrency miners and intentionally removes mining functions associated with TeamPCP. Nevertheless, the actor behind PCPJack has established specific scopes for extracting cryptocurrency credentials.

For further details on this development, refer to the original reporting source: thehackernews.com.
