Skip to content
The Nexus
DossierENTITY

PCPJack

Coverage of PCPJack in the Nexus archive.

Earliest in view: May 7 · 17:45 UTCMost recent: Jun 5 · 05:34 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 5 · 05:34 UTCTHE HACKER NEWS
    PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

    PCPJack has hijacked cloud servers from AWS, Google Cloud, and Azure to create a covert SMTP relay network. Compromised business servers in the U.S., Europe, and Asia were converted into SMTP proxies, verified for mail relay capability, and synced every five minutes.

  • SECURITYMay 8 · 17:26 UTCTHE REGISTER
    Worm rubs out competitor's malware, then takes control

    A mysterious worm called PCPJack is removing TeamPCP infections from cloud instances and taking control, harvesting credentials and spreading to new targets. The worm was discovered by SentinelOne's SentinelLabs researchers in late April. It targets various services including Docker, Kubernetes, and MongoDB.

  • SECURITYMay 7 · 20:43 UTCDARK READING
    After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets

    PCPJack malware replaces TeamPCP, using parquet files for stealthy target discovery in cloud environments. It canvasses multiple cloud environments, making innovative use of parquet files. This new malware poses a significant threat to cloud security.

  • SECURITYMay 7 · 18:35 UTCBLEEPING COMPUTER
    New PCPJack worm steals credentials, cleans TeamPCP infections

    A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure and removing TeamPCP's access to systems. This malware framework is targeting cloud infrastructure and removing existing infections. The goal of PCPJack appears to be stealing sensitive information.

  • SECURITYMay 7 · 17:45 UTCTHE HACKER NEWS
    PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

    Cybersecurity researchers have discovered a new credential theft framework called PCPJack that targets exposed cloud infrastructure and steals credentials from various services. The framework exploits five CVEs to spread worm-like across cloud systems. It harvests credentials and exfiltrates data through attacker-controlled infrastructure.

PCPJack · Dossier · The Nexus