New PCPJack worm steals credentials, cleans TeamPCP infections
Summary
A new malware framework named PCPJack has been discovered that targets exposed cloud infrastructure to steal credentials. Notably, PCPJack also actively removes traces of TeamPCP infections from compromised systems, suggesting a turf war or a strategy to evade detection by other malware.
IFF Assessment
FOE
This article describes a new malware framework that actively steals credentials and removes competing malware, posing a direct threat to defenders.
Defender Context
Defenders should be aware of PCPJack's credential theft capabilities targeting cloud infrastructure. The malware's ability to remove other infections suggests it may be sophisticated or part of a larger campaign, so vigilance is required against both PCPJack and potentially other malware.