After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
Summary
A new malware dubbed PCPJack has been identified, succeeding the TeamPCP malware. It employs a novel technique of using parquet files for stealthy discovery and exfiltration of cloud secrets from multiple cloud environments.
IFF Assessment
FOE
PCPJack's ability to stealthily discover and steal cloud secrets represents a significant threat to organizations operating in cloud environments.
Defender Context
Defenders should be aware of PCPJack's novel use of parquet files for stealthy reconnaissance and data exfiltration. Monitoring for unusual file access patterns, particularly those involving parquet files in cloud storage, and ensuring robust access controls for cloud secrets are crucial mitigation strategies.
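One way to implement the Parquet access monitoring described above, as an added example that is not part of the original report. It assumes storage access logs shaped like AWS CloudTrail S3 data events; the role names, bucket names, sample events and baseline are constructed for illustration.

```python
from collections import defaultdict

def ev_record(time, name, arn, bucket, key):
    """Build a constructed record shaped like a CloudTrail S3 data event."""
    return {"eventTime": time, "eventName": name, "userIdentity": {"arn": arn},
            "requestParameters": {"bucketName": bucket, "key": key}}

ETL = "arn:aws:iam::111122223333:role/etl-batch"      # constructed principal
WEB = "arn:aws:iam::111122223333:role/web-frontend"   # constructed principal
# Constructed sample events (not real logs).
EVENTS = [
    ev_record("2025-01-10T02:11:04Z", "GetObject", ETL, "analytics-lake", "daily/part-0001.parquet"),
    ev_record("2025-01-10T03:40:19Z", "GetObject", WEB, "app-assets", "img/logo.png"),
    ev_record("2025-01-10T03:41:02Z", "PutObject", WEB, "app-uploads", "tmp/cache-7f.parquet"),
    ev_record("2025-01-10T03:41:30Z", "PutObject", WEB, "app-uploads", "tmp/cache-80.PARQUET"),
    ev_record("2025-01-10T03:44:55Z", "GetObject", WEB, "analytics-lake", "daily/part-0001.parquet"),
    {"eventTime": "2025-01-10T03:45:00Z", "eventName": "ListBuckets",
     "userIdentity": {"arn": WEB}, "requestParameters": None},
]
# Assumption: (principal, bucket) pairs seen touching Parquet objects in a prior baseline window.
BASELINE = {(ETL, "analytics-lake")}
READS, WRITES = {"GetObject"}, {"PutObject"}

def find_unusual_parquet_access(events, baseline):
    """Group Parquet reads/writes by (principal, bucket); keep pairs absent from the baseline."""
    hits = defaultdict(lambda: {"reads": 0, "writes": 0, "first_seen": None, "keys": []})
    for ev in sorted(events, key=lambda e: e["eventTime"]):
        name = ev.get("eventName")
        params = ev.get("requestParameters") or {}   # null for some API calls
        key = params.get("key") or ""
        if name not in READS | WRITES or not key.lower().endswith(".parquet"):
            continue
        pair = ((ev.get("userIdentity") or {}).get("arn", "unknown"), params.get("bucketName"))
        if pair in baseline:
            continue
        h = hits[pair]
        h["writes" if name in WRITES else "reads"] += 1
        h["first_seen"] = h["first_seen"] or ev["eventTime"]
        h["keys"].append(key)
    # Assumption: rank pairs with new Parquet writes ahead of read-only pairs for triage.
    return sorted(({"principal": p, "bucket": b, **h} for (p, b), h in hits.items()),
                  key=lambda f: (-f["writes"], f["first_seen"]))

if __name__ == "__main__":
    for finding in find_unusual_parquet_access(EVENTS, BASELINE):
        print(finding)
```

The check matches on the `.parquet` key suffix only, so objects stored under another name are outside what it sees.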