
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

Cybersecurity researchers have called attention to a "large campaign" that has systematically targeted cloud-native environments to set up malicious infrastructure for follow-on exploitation.

The activity, observed around December 25, 2025, and described as "worm-driven," leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) vulnerability. The campaign has been attributed to a threat cluster known as TeamPCP (aka DeadCatx3, PCPcat, PersyPCP, and ShellForce).

TeamPCP is known to have been active since at least November 2025, with the first instance of Telegram activity dating back to July 30, 2025. The TeamPCP Telegram channel currently has over 700 members, and the group uses it to publish stolen data from various victims across Canada, Serbia, South Korea, the U.A.E., and the U.S. Details of the threat actor were first documented by Beelzebub in December 2025 under the name Operation PCPcat.

"The operation's goals were to build a distributed proxy and scanning infrastructure at scale, then compromise servers to exfiltrate data, deploy ransomware, conduct extortion, and mine cryptocurrency," Flare security researcher Assaf Morag said in a report published last week.

TeamPCP is said to function as a cloud-native cybercrime platform, leveraging misconfigured Docker APIs, Kubernetes APIs, Ray dashboards, Redis servers, and vulnerable React/Next.js applications as primary infection pathways to breach modern cloud infrastructure and facilitate data theft and extortion.


In addition, the compromised infrastructure is misused for a range of other purposes, from cryptocurrency mining and data hosting to proxy and command-and-control (C2) relays.

Rather than employing any novel tradecraft, TeamPCP leans on tried-and-tested attack methods, such as existing tools, known vulnerabilities, and prevalent misconfigurations, to build an exploitation platform that automates and industrializes the whole process. This, in turn, transforms the exposed infrastructure into a "self-propagating criminal ecosystem," Flare noted.

Successful exploitation paves the way for the deployment of next-stage payloads from external servers, including shell- and Python-based scripts that seek out new targets for further expansion. One of the core components is "proxy.sh," which installs proxy, peer-to-peer (P2P), and tunneling utilities, and delivers various scanners to continuously search the internet for vulnerable and misconfigured servers.

"Notably, proxy.sh performs environment fingerprinting at execution time," Morag said. "Early in its runtime, it checks whether it's running inside a Kubernetes cluster."


"If a Kubernetes environment is detected, the script branches into a separate execution path and drops a cluster-specific secondary payload, indicating that TeamPCP maintains distinct tooling and tradecraft for cloud-native targets rather than relying on generic Linux malware alone."

A brief description of the other payloads is as follows:

  • scanner.py, which is designed to find misconfigured Docker APIs and Ray dashboards by downloading Classless Inter-Domain Routing (CIDR) lists from a GitHub account named "DeadCatx3," while also featuring options to run a cryptocurrency miner ("mine.sh").
  • kube.py, which includes Kubernetes-specific functionality to conduct cluster credential harvesting and API-based discovery of resources such as pods and namespaces, followed by dropping "proxy.sh" into accessible pods for broader propagation and establishing a persistent backdoor by deploying a privileged pod on every node that mounts the host.
  • react.py, which is designed to exploit the React flaw (CVE-2025-29927) to achieve remote command execution at scale.
  • pcpcat.py, which is designed to discover exposed Docker APIs and Ray dashboards across large IP address ranges and automatically deploy a malicious container or job that executes a Base64-encoded payload.
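The kube.py persistence step described above leaves a recognizable artifact in the cluster: a privileged pod on each node whose hostPath volume is the node's root filesystem. The following added example (not code from the article or from Flare) shows a defender-side audit over pod data shaped like `kubectl get pods -A -o json`; the pod list, pod names and function names are constructed for illustration and are not indicators from the campaign.

```python
"""Audit Kubernetes pod specs for privileged containers that mount the node's
root filesystem via hostPath, the persistence pattern described in the article.
Added defender-side example; SAMPLE_POD_LIST is constructed, not real cluster data."""
import json

# Constructed sample shaped like the output of `kubectl get pods -A -o json`.
# Two hypothetical "k8s-sync" pods imitate the one-privileged-pod-per-node pattern.
SAMPLE_POD_LIST = json.dumps({
    "items": [
        {
            "metadata": {"name": "web-frontend-7d9f", "namespace": "shop"},
            "spec": {
                "nodeName": "node-a",
                "containers": [{"name": "web", "image": "nginx:1.27",
                                "securityContext": {"privileged": False}}],
                "volumes": [{"name": "tmp", "emptyDir": {}}],
            },
        },
        {
            "metadata": {"name": "k8s-sync-x2k1", "namespace": "kube-system"},
            "spec": {
                "nodeName": "node-a",
                "containers": [{
                    "name": "sync", "image": "alpine:3.20",
                    "securityContext": {"privileged": True},
                    "volumeMounts": [{"name": "host", "mountPath": "/host"}],
                }],
                "volumes": [{"name": "host", "hostPath": {"path": "/"}}],
            },
        },
        {
            "metadata": {"name": "k8s-sync-m8q7", "namespace": "kube-system"},
            "spec": {
                "nodeName": "node-b",
                "containers": [{
                    "name": "sync", "image": "alpine:3.20",
                    "securityContext": {"privileged": True},
                    "volumeMounts": [{"name": "host", "mountPath": "/host"}],
                }],
                "volumes": [{"name": "host", "hostPath": {"path": "/"}}],
            },
        },
    ]
})


def host_root_volumes(spec):
    """Names of volumes in a pod spec that are hostPath mounts of the node root ("/")."""
    names = set()
    for vol in spec.get("volumes", []):
        path = vol.get("hostPath", {}).get("path")
        if path is not None and path.rstrip("/") == "":
            names.add(vol["name"])
    return names


def suspicious_pods(pod_list_json):
    """Return (namespace, name, node) for every pod in which a privileged
    container (regular or init) mounts a hostPath volume pointing at the node root."""
    findings = []
    for pod in json.loads(pod_list_json).get("items", []):
        spec = pod.get("spec", {})
        root_vols = host_root_volumes(spec)
        if not root_vols:
            continue
        for c in spec.get("containers", []) + spec.get("initContainers", []):
            privileged = c.get("securityContext", {}).get("privileged", False)
            mounts = {m["name"] for m in c.get("volumeMounts", [])}
            if privileged and mounts & root_vols:
                md = pod["metadata"]
                findings.append((md["namespace"], md["name"], spec.get("nodeName")))
                break  # one finding per pod is enough
    return findings


def nodes_covered(findings):
    """Distinct nodes hosting a flagged pod. A set that spans every node in the
    cluster matches the per-node backdoor layout the article describes."""
    return {node for _, _, node in findings}


if __name__ == "__main__":
    hits = suspicious_pods(SAMPLE_POD_LIST)
    for ns, name, node in hits:
        print(f"ALERT privileged pod with host root mount: {ns}/{name} on {node}")
    print("nodes affected:", sorted(nodes_covered(hits)))
```

Pipe real `kubectl get pods -A -o json` output into `suspicious_pods` to run the same check against a live cluster; comparing `nodes_covered` against the node list turns a single hit into the cluster-wide pattern worth escalating. Blocking the pattern up front with Pod Security Admission (the `restricted` profile rejects both privileged containers and hostPath volumes) removes the need to catch it after the fact.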

Flare said the C2 server node located at 67.217.57[.]240 has also been linked to the operation of Sliver, an open-source C2 framework that is known to be abused by threat actors for post-exploitation purposes.


Data from the cybersecurity company shows that the threat actors primarily single out Amazon Web Services (AWS) and Microsoft Azure environments. The attacks are assessed to be opportunistic in nature, primarily targeting infrastructure that supports the group's goals rather than going after specific industries. The result is that organizations running such infrastructure become "collateral victims" in the process.

"The PCPcat campaign demonstrates a full lifecycle of scanning, exploitation, persistence, tunneling, data theft, and monetization built specifically for modern cloud infrastructure," Morag said. "What makes TeamPCP dangerous isn't technical novelty, but their operational integration and scale. Deeper analysis shows that most of their exploits and malware are based on well-known vulnerabilities and lightly modified open-source tools."

"At the same time, TeamPCP blends infrastructure exploitation with data theft and extortion. Leaked CV databases, identity records, and corporate data are published via ShellForce to fuel ransomware, fraud, and cybercrime reputation building. This hybrid model allows the group to monetize both compute and data, giving it multiple revenue streams and resilience against takedowns."
