Full Report
The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran. [...]
Analysis Summary
# Threat Actor: TeamPCP
## Attribution & Identity
TeamPCP is an active hacking group characterized by its proficiency in supply-chain attacks and cloud-native exploitation. While the specific geographic origin of the group is not confirmed, their recent activity suggests a strong geopolitical bias or motivation directed against Iranian infrastructure.
**Known Aliases & Associated Groups:**
* Currently primarily identified as **TeamPCP**.
* Associated with the development and deployment of the **CanisterWorm** malware.
## Activity Summary
* **March 2026:** Initiated the "CanisterWorm" campaign targeting the NPM ecosystem.
* **Recent (Supply Chain):** Executed a high-profile supply-chain attack on the **Trivy** vulnerability scanner, pushing infostealers via GitHub Actions.
* **Kubernetes Campaign (Current):** Targeted Kubernetes clusters using a selective script that differentiates between Iranian and non-Iranian systems, deploying either a destructive wiper or a persistent backdoor.
## Tactics, Techniques & Procedures
* **Geopolitical Filtering:** Inspects system timezones and locales specifically for Iran to determine whether to deploy a wiper or a backdoor.
* **Container Orchestration Exploitation:** Uses Kubernetes-native lateral movement via **DaemonSets** to ensure malicious pods run on every node in a cluster.
* **Privilege Escalation:** Deploys privileged containers with the host root filesystem mounted (`/mnt/host`) to bypass container isolation.
* **Persistence:** Installs a Python-based backdoor as a **systemd service** on non-Iranian systems.
* **Wiping/Destruction:** Executes `rm -rf / --no-preserve-root` to destroy the host operating system.
* **Lateral Movement:**
  * Scanning for unauthenticated Docker APIs on port 2375.
  * Parsing authentication logs for valid credentials and stealing SSH private keys.
  * Automated SSH propagation using `StrictHostKeyChecking=no`.
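To make the container-escape pattern above concrete, here is an added example (not code from the report or from the threat actor) that checks a Kubernetes workload manifest for the combination the TTP list describes: a privileged container with the host root filesystem mounted at `/mnt/host`, delivered as a DaemonSet so it lands on every node. The two manifests are constructed for the example; object names and images are placeholders, not indicators. The checks correspond to what the baseline and restricted Pod Security profiles reject (privileged containers and `hostPath` volumes), so the same logic can be used to pre-screen manifests before admission.

```python
"""Check a Kubernetes workload manifest for the privileged host-mount pattern
described in the report. Added example; manifests below are constructed."""

# Constructed manifest mirroring the pattern in the TTP list. The object name
# and image are placeholders, not indicators from the report.
SUSPICIOUS_DAEMONSET = {
    "apiVersion": "apps/v1",
    "kind": "DaemonSet",
    "metadata": {"name": "placeholder-agent", "namespace": "kube-system"},
    "spec": {"template": {"spec": {
        "containers": [{
            "name": "agent",
            "image": "alpine:latest",
            "securityContext": {"privileged": True},
            "volumeMounts": [{"name": "host", "mountPath": "/mnt/host"}],
        }],
        "volumes": [{"name": "host", "hostPath": {"path": "/"}}],
    }}},
}

# Constructed benign workload for comparison: unprivileged, no host volumes.
BENIGN_DEPLOYMENT = {
    "apiVersion": "apps/v1",
    "kind": "Deployment",
    "metadata": {"name": "web", "namespace": "default"},
    "spec": {"template": {"spec": {
        "containers": [{
            "name": "web",
            "image": "nginx:1.27",
            "securityContext": {"privileged": False, "runAsNonRoot": True},
            "volumeMounts": [{"name": "cache", "mountPath": "/var/cache/nginx"}],
        }],
        "volumes": [{"name": "cache", "emptyDir": {}}],
    }}},
}


def pod_spec(manifest):
    """Return the pod spec whether the object is a bare Pod or a controller
    (Deployment, DaemonSet, StatefulSet, Job) that embeds a pod template."""
    if manifest.get("kind") == "Pod":
        return manifest.get("spec") or {}
    return ((manifest.get("spec") or {}).get("template") or {}).get("spec") or {}


def find_violations(manifest):
    """Return (severity, message) tuples for each reason the manifest would be
    rejected by a baseline/restricted Pod Security policy, plus an info note
    when the object is a DaemonSet, since that places a pod on every node."""
    spec = pod_spec(manifest)
    findings = []
    if manifest.get("kind") == "DaemonSet":
        findings.append(("info", "DaemonSet schedules one pod on every node"))
    # Resolve volume names to host paths so each mount can be attributed.
    host_paths = {
        v["name"]: (v.get("hostPath") or {}).get("path", "")
        for v in spec.get("volumes") or []
        if "hostPath" in v
    }
    containers = (spec.get("containers") or []) + (spec.get("initContainers") or [])
    for c in containers:
        name = c.get("name", "<unnamed>")
        if (c.get("securityContext") or {}).get("privileged"):
            findings.append(("high", f"container {name!r} runs privileged"))
        for m in c.get("volumeMounts") or []:
            path = host_paths.get(m.get("name"))
            if path is None:
                continue  # not a hostPath volume
            # Any hostPath fails the restricted profile; the host root is the
            # full container-escape case the report describes.
            severity = "critical" if path == "/" else "medium"
            findings.append((severity,
                f"container {name!r} mounts host path {path!r} at {m.get('mountPath')!r}"))
    return findings


if __name__ == "__main__":
    for manifest in (SUSPICIOUS_DAEMONSET, BENIGN_DEPLOYMENT):
        print(manifest["metadata"]["name"])
        for severity, message in find_violations(manifest) or [("ok", "no findings")]:
            print(f"  [{severity}] {message}")
```

Feed it the output of `kubectl get daemonsets -A -o json` (after `json.loads`, iterating over `items`) to audit an existing cluster; anything that returns a `critical` finding deserves the same scrutiny as the DaemonSet the report describes.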
## Targeting
* **Sectors:** Technology (Supply Chain), Cloud Infrastructure, DevOps/DevSecOps (Vulnerability Scanning tools).
* **Geography:** Primarily **Iran** (for destructive operations); global/standard locales (for long-term backdoor access).
* **Victims:**
  * Users of the **Trivy** vulnerability scanner.
  * NPM package consumers.
  * Unprotected Kubernetes clusters and Docker API endpoints.
## Tools & Infrastructure
* **Malware:**
  * **CanisterWorm:** A Python-based backdoor.
  * **"Kamikaze":** An Alpine-based container payload used for system wiping.
* **C2 Infrastructure:**
  * Utilizes the Internet Computer Protocol (ICP) for command and control.
  * **C2 Domain:** `tdtqy-oyaaa-aaaae-af2dq-cai[.]raw[.]icp0[.]io`
  * **Drop Paths:** `/tmp/pglog`
## Implications
TeamPCP represents a sophisticated threat to the software supply chain and cloud environments. Their ability to weaponize popular security tools (Trivy) and package managers (NPM) indicates a high level of technical competency. The shift toward selective destruction (wiping) based on geopolitical markers suggests they may be operating as a hacktivist collective or a state-aligned entity engaged in disruptive operations.
## Mitigations
* **Container Security:**
  * Restrict the use of **privileged containers** within Kubernetes using Admission Controllers (e.g., Pod Security Admission).
  * Avoid mounting the host root filesystem into containers.
* **Network Hardening:**
  * Disable or secure Docker API port `2375`. Use TLS authentication if the API must be exposed.
  * Monitor for unauthorized outbound SSH traffic, especially with flags that bypass host key verification.
* **Identity & Access Management:**
  * Implement strictly scoped ServiceAccounts for Kubernetes workloads.
  * Rotate SSH keys regularly and monitor for unauthorized access to `/var/log/auth.log` or equivalent.
* **Locale Monitoring:** Monitor for sudden changes or queries to system timezone and locale settings (`localectl`), which may precede a wiping event.
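The monitoring points in the list above (SSH with host key checking disabled, probes of the Docker API on port 2375, reads of `auth.log` and SSH private keys, `localectl` queries, and the wiper command itself) can be turned into simple detection rules over process-execution telemetry. The following is an added example, not code from the report: the rules match the exact strings the report names, and the log records are constructed in a simplified `<timestamp> <host> uid=<n> cmd="<command line>"` format with placeholder hosts and addresses. The `hosts_with_sequence` helper goes one step further than the list by correlating a locale query followed by the destructive command on the same host, since the report describes the locale check as the decision point before wiping.

```python
"""Flag process-execution records that match the lateral-movement, wiper and
locale-probing behaviours listed in the report. Added example; the log lines
are constructed, not real telemetry."""

import re

# (rule name, severity, pattern over the command line). Patterns are written
# for the specific strings the report names, not as a general EDR ruleset.
RULES = [
    ("destructive-rm", "critical",
     re.compile(r"\brm\b.*--no-preserve-root")),
    ("ssh-hostkey-check-disabled", "high",
     re.compile(r"\bssh\b.*StrictHostKeyChecking=no")),
    ("docker-api-2375", "high",
     re.compile(r"\S+:2375(?:/|\s|$)")),
    ("ssh-key-or-authlog-read", "medium",
     re.compile(r"/var/log/auth\.log|\.ssh/id_[A-Za-z0-9]+")),
    ("locale-timezone-query", "low",
     re.compile(r"\b(?:localectl|timedatectl)\b")),
]

LINE_RE = re.compile(r'^(?P<ts>\S+) (?P<host>\S+) uid=(?P<uid>\d+) cmd="(?P<cmd>.*)"$')

# Constructed sample records (host names and addresses are placeholders).
SAMPLE_LOG = """\
2026-03-14T10:02:11Z node1 uid=0 cmd="localectl status"
2026-03-14T10:02:15Z node1 uid=0 cmd="cat /root/.ssh/id_rsa"
2026-03-14T10:02:20Z node1 uid=0 cmd="curl -s http://10.0.0.9:2375/containers/json"
2026-03-14T10:02:31Z node1 uid=0 cmd="ssh -o StrictHostKeyChecking=no root@10.0.0.7 uname -a"
2026-03-14T10:03:02Z node2 uid=1000 cmd="kubectl get pods -A"
2026-03-14T10:03:10Z node2 uid=1000 cmd="rm -rf /tmp/build"
2026-03-14T10:05:44Z node1 uid=0 cmd="rm -rf / --no-preserve-root"
"""


def parse(line):
    """Parse one record into a dict, or None if it does not fit the format."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def scan(text):
    """Return one (rule, severity, host, cmd) hit per matching rule per record."""
    hits = []
    for raw in text.splitlines():
        rec = parse(raw)
        if rec is None:
            continue  # skip malformed records rather than failing the batch
        for name, severity, pattern in RULES:
            if pattern.search(rec["cmd"]):
                hits.append((name, severity, rec["host"], rec["cmd"]))
    return hits


def hosts_with_sequence(hits):
    """Hosts on which a locale/timezone query was followed by the wiper
    command: the strongest signal, since the report ties the wipe decision
    to that check."""
    by_host = {}
    for name, _severity, host, _cmd in hits:
        by_host.setdefault(host, []).append(name)
    return sorted(
        host for host, names in by_host.items()
        if "locale-timezone-query" in names and "destructive-rm" in names
        and names.index("locale-timezone-query") < names.index("destructive-rm")
    )


if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for hit in hits:
        print(hit)
    print("hosts with probe-then-wipe sequence:", hosts_with_sequence(hits))
```

Benign `rm -rf /tmp/build` and routine `kubectl` use produce no hits, which keeps the rules quiet on normal administration; in production the `low` and `medium` rules are better used as correlation inputs than as stand-alone alerts.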