SentinelLabs researchers have discovered new malware that removes malicious code planted by the TeamPCP supply chain hackers and replaces it with its own.
Named PCPJack, the framework was discovered on April 28 by a hunting rule on Google’s VirusTotal malware scanning service which returned a shell script that removed artefacts linked to the prolific TeamPCP hackers, SentinelLabs wrote in its technical analysis.
It then installs a Python virtual environment, and downloads six modules that cover the malware functionality.
PCPJack steals credentials from cloud, container, developer, productivity and financial services, SentinelLabs wrote.
The malware exhibits worm-like behaviour and tries to propagate itself to exposed cloud infrastructure; it also attempts lateral movement inside victim environments.
Targeted services include Docker, Kubernetes, Redis, MongoDB, RayML and vulnerable web applications.
SentinelLabs wrote that PCPJack doesn’t deploy cryptocurrency mining malware and instead appears to monetise through other activities such as resale of stolen access, credential theft, fraud, spam and extortion.
TeamPCP rose to prominence in recent months by compromising the Aqua Security Trivy vulnerability scanner, which in turn enabled several other attacks through the credentials obtained by the hackers.
Security researchers have suggested that TeamPCP, armed with Trivy-stolen credentials, is behind the recent CanisterWorm supply chain attack and a trojanised version of the popular LiteLLM proxy for large language model application programming interface calls.
SentinelLabs theorised that the PCPJack attacker is a former operator who is deeply familiar with TeamPCP’s tooling.
Overall, although the code used by the PCPJack threat actor is “well-developed”, SentinelLabs found some security lapses, such as a failure to encrypt both the token for the attacker’s Telegram command and control (C2) bot and a credential decryption key.