New PCPJack worm steals credentials, cleans TeamPCP infections
Source: Bleeping Computer
Overview
A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing TeamPCP’s access to the compromised systems.
SentinelLabs researchers say PCPJack is designed for large‑scale credential theft and likely monetizes its activity via financial fraud, spam operations, credential resale, or extortion.
Targeted Services
PCPJack scans for and attacks a variety of exposed services, including:
- Docker
- Kubernetes
- Redis
- MongoDB
- RayML
- Vulnerable web applications
In many cases the threat actor moves laterally across the network after initial compromise.
Capabilities
The framework focuses on credential theft from cloud environments, developer systems, messenger apps, financial services, and more. Specific targets include:
- SSH keys
- Slack tokens
- WordPress configurations
- OpenAI and Anthropic API keys
- Discord tokens
- DigitalOcean credentials
Exfiltrated credentials are encrypted with X25519 ECDH and ChaCha20‑Poly1305, split into 2,800‑byte chunks, and sent to Telegram channels.
Propagation Method
- Scanning – PCPJack scans external cloud infrastructure for exposed services (Docker, Kubernetes, Redis, MongoDB, RayML).
- Exploitation – It exploits known vulnerabilities to gain initial access.
- Host Harvesting – The malware downloads hostname data from Common Crawl parquet files and adds them to its scanning list.
Exploited Vulnerabilities
SentinelLabs identified the following CVEs being leveraged:
- CVE‑2025‑29927 – Authentication bypass in Next.js middleware via a crafted header.
- CVE‑2025‑55182 – “React2Shell” Server Actions deserialization flaw in React and Next.js.
- CVE‑2026‑1357 – Unauthenticated file upload in WPVivid Backup.
- CVE‑2025‑9501 – PHP injection in W3 Total Cache via a cached
mfunccomment. - CVE‑2025‑48703 – Shell injection in CentOS Web Panel Filemanager
changePermfunctionality.
Lateral Movement and Persistence
Inside compromised environments, PCPJack:
- Harvests SSH keys and other credentials.
- Enumerates Kubernetes clusters and Docker daemons.
- Executes itself on reachable internal hosts.
Persistence mechanisms include:
- Systemd services
- Cron jobs (including Redis‑based cron rewrites)
- Privileged containers
Backdoor Infrastructure
Researchers also discovered a Sliver‑based backdoor on the threat actor’s infrastructure, with variants for x86_64, x86, and ARM architectures.
Mitigation Recommendations
- Enforce multi‑factor authentication (MFA) for all accounts.
- Use IMDSv2 for AWS metadata service access.
- Secure Docker and Kubernetes APIs with strong authentication and network segmentation.
- Apply the principle of least privilege to all cloud resources.
- Avoid storing secrets (API keys, tokens, passwords) in plaintext.
- Keep all software up to date and patch the listed CVEs promptly.