TeamPCP's Iran-Targeted Wiper: From Cloud Exploitation to Supply Chain Attacks
The financially motivated cybercrime group **TeamPCP** is making headlines with a new wiper attack targeting Iranian systems. This follows its recent supply chain compromises of **Trivy** and **KICS**, highlighting the group's widening target set and its industrialized use of well-known techniques.
## TeamPCP Unleashes Iran-Targeted Wiper After Supply Chain Attacks
A financially motivated data theft and extortion group, **TeamPCP**, is attempting to inject itself into the Iranian conflict by deploying a worm that spreads through poorly secured cloud services. The worm wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.
Experts say the wiper campaign against Iran materialized this past weekend. In December 2025, the group began compromising corporate cloud environments using a self-propagating worm that targeted exposed Docker APIs, Kubernetes clusters, Redis servers, and the React2Shell vulnerability. TeamPCP then attempted to move laterally through victim networks, siphoning authentication credentials and extorting victims over Telegram.

## Cloud-Native Exploitation Platform
In a profile of TeamPCP published in January, the security firm **Flare** stated that the group weaponizes exposed control planes rather than exploiting endpoints, predominantly targeting cloud infrastructure over end-user devices. **Azure** (61%) and **AWS** (36%) account for 97% of compromised servers.
"TeamPCP's strength does not come from novel exploits or original malware, but from the large-scale automation and integration of well-known attack techniques," **Flare's** **Assaf Morag** wrote. "The group industrializes existing vulnerabilities, misconfigurations, and recycled tooling into a cloud-native exploitation platform that turns exposed infrastructure into a self-propagating criminal ecosystem."
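The worm's initial access, as described above and in Flare's profile, is nothing more than reaching a control plane that answers without credentials. The script below is an added example, not TeamPCP's tooling and not code from Flare, Aikido or Krebs, that a defender can point at their own address space to find the two easiest such targets: a Docker Engine API that answers `/_ping` without TLS client authentication, and a Redis that answers `PING` without `requirepass`. The decision logic is separated from the socket I/O so it runs offline against constructed replies; the host 203.0.113.10 is a documentation address, the replies are constructed rather than captured, and the Kubernetes and React2Shell probes are left out because they need TLS and application-specific requests.

```python
"""Classify what answers on two of the ports TeamPCP's worm is reported to scan.
Added example; decision logic is kept separate from I/O so it runs offline."""
import socket

DOCKER_PING = b"GET /_ping HTTP/1.0\r\nHost: localhost\r\n\r\n"
REDIS_PING = b"PING\r\n"


def classify_docker(resp):
    """Interpret the reply to GET /_ping on the Docker Engine API port.
    A daemon listening without TLS client auth answers 200, body "OK", with an
    Api-Version header; anyone who can reach it can start a privileged container."""
    if not resp.startswith(b"HTTP/1."):
        return "not-http"        # nothing, a TLS-only daemon, or some other service
    head, _, body = resp.partition(b"\r\n\r\n")
    status = head.split(b"\r\n", 1)[0]
    if b" 200 " in status and body.strip() == b"OK" and b"api-version:" in head.lower():
        return "exposed"
    if b" 401 " in status or b" 403 " in status:
        return "auth-required"
    return "unknown"


def classify_redis(resp):
    """Interpret the reply to a bare PING on a Redis port (RESP protocol)."""
    if resp.startswith(b"+PONG"):
        return "exposed"         # no requirepass/ACL: CONFIG SET dir + SAVE writes files as redis
    if resp.startswith(b"-NOAUTH"):
        return "auth-required"
    if resp.startswith(b"-DENIED"):
        return "protected-mode"  # bound to a non-loopback address but refusing remote clients
    return "unknown"


def tcp_exchange(host, port, payload, timeout=3.0):
    """Send one payload and read until the peer closes or the timeout expires."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(payload)
        chunks = []
        try:
            while chunk := s.recv(4096):
                chunks.append(chunk)
        except socket.timeout:
            pass                 # Redis keeps the connection open after PONG
        return b"".join(chunks)


PROBES = (("docker:2375", 2375, DOCKER_PING, classify_docker),
          ("redis:6379", 6379, REDIS_PING, classify_redis))


def audit_host(host, exchange=tcp_exchange):
    """Return {probe_label: verdict}; `exchange` is injectable for offline use."""
    verdicts = {}
    for label, port, payload, classify in PROBES:
        try:
            verdicts[label] = classify(exchange(host, port, payload))
        except OSError:
            verdicts[label] = "closed"
    return verdicts


# Constructed replies (not captured traffic) shaped like real daemon output.
CONSTRUCTED = {
    2375: (b"HTTP/1.1 200 OK\r\nApi-Version: 1.47\r\n"
           b"Content-Type: text/plain; charset=utf-8\r\nContent-Length: 2\r\n\r\nOK"),
    6379: b"+PONG\r\n",
}


def fake_exchange(host, port, payload):
    """Offline stand-in for tcp_exchange that serves the constructed replies above."""
    return CONSTRUCTED[port]


if __name__ == "__main__":
    import sys
    live = len(sys.argv) > 1
    host = sys.argv[1] if live else "203.0.113.10"   # documentation address
    for label, verdict in audit_host(host, tcp_exchange if live else fake_exchange).items():
        print(f"{host} {label}: {verdict}")
```

Run it with no argument to see the verdicts for the constructed replies, or with a host you are authorized to test to probe the real ports. "Exposed" on either port is the condition the worm looks for; "auth-required" and "protected-mode" are not a clean bill of health (weak passwords and protected mode with a bound address are still worth reviewing), but they are not the open door described in the reporting.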
## Trivy Supply Chain Attack
On March 19, TeamPCP executed a supply chain attack against the vulnerability scanner **Trivy** from **Aqua Security**, injecting credential-stealing malware into official releases and the project's GitHub Actions. Aqua Security has since removed the harmful files. The security firm **Wiz** notes that the attackers were able to publish malicious versions that harvested SSH keys, cloud credentials, Kubernetes tokens, and cryptocurrency wallets from users.
## CanisterWorm and the Iran Connection
Over the weekend, the same technical infrastructure TeamPCP used in the Trivy attack was leveraged to deploy a new malicious payload which executes a wiper attack if the user's time zone and locale are determined to correspond to Iran, said **Charlie Eriksen**, a security researcher at **Aikido**. In a blog post published on Sunday, Eriksen said if the wiper component detects that the victim is in Iran and has access to a Kubernetes cluster, it will destroy data on every node in that cluster.
"If it doesn't it will just wipe the local machine," Eriksen told KrebsOnSecurity.

Aikido refers to TeamPCP's infrastructure as "**CanisterWorm**" because the group orchestrates its campaigns using an Internet Computer Protocol (ICP) canister, a tamperproof, blockchain-based "smart contract" that bundles both code and data. ICP canisters can serve Web content directly to visitors, and their distributed architecture makes them resistant to takedown attempts. These canisters will remain reachable so long as their operators continue to pay virtual currency fees to keep them online.
Eriksen said the people behind TeamPCP are bragging about their exploits in a group on Telegram and claim to have used the worm to steal vast amounts of sensitive data from major companies, including a large multinational pharmaceutical firm.
## GitHub Malware Problem
Security experts say the spammed GitHub messages could be a way for TeamPCP to ensure that any code packages tainted with their malware will remain prominent in GitHub searches. In a newsletter published today titled *GitHub is Starting to Have a Real Malware Problem*, **Risky Business** reporter **Catalin Cimpanu** writes that attackers often are seen pushing meaningless commits to their repos or using online services that sell GitHub stars and "likes" to keep malicious packages at the top of the GitHub search page.
This weekend's outbreak is the second major supply chain attack involving Trivy in as many months. At the end of February, Trivy was hit as part of an automated threat called HackerBot-Claw, which mass exploited misconfigured workflows in GitHub Actions to steal authentication tokens.
## KICS Compromise
Wiz is reporting that TeamPCP also pushed credential-stealing malware to the **KICS** vulnerability scanner from **Checkmarx**, and that the scannerβs GitHub Action was compromised between 12:58 and 16:50 UTC today (March 23rd).
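Both the Trivy and the KICS compromises rode on a trusted GitHub Action, so the first thing a practitioner wants is an inventory of every third-party action a repository consumes and whether each is pinned to an immutable commit SHA or to a mutable tag or branch that an attacker controlling the upstream repository can repoint. The script below is an added example, not code from the article, Aqua, Checkmarx or Wiz: the sample workflow is constructed, the 40-hex placeholder is not a real commit, and the two repository names on the watchlist are assumptions about where those actions live that should be checked against the vendors' advisories.

```python
"""Inventory `uses:` references in GitHub Actions workflows and flag any
third-party action not pinned to a full 40-hex commit SHA. Added example."""
import re
import sys
from pathlib import Path

# A full commit SHA is the only reference form that the action's maintainers, or
# whoever has taken over their repository, cannot silently repoint.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Matches `- uses: owner/repo@ref` or `uses: owner/repo/path@ref`, quoted or not.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"\s#]+)")

# Assumed repository names for the actions named in the article; verify against
# the vendors' advisories before relying on this list.
WATCHLIST = {"aquasecurity/trivy-action", "checkmarx/kics-github-action"}


def parse_uses(text):
    """Yield (line_no, repo, ref) for each remote action step in a workflow."""
    for n, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        spec = m.group(1)
        if spec.startswith(("./", "docker://")):
            continue  # local action or container image: a different trust model
        action, _, ref = spec.partition("@")
        repo = "/".join(action.split("/")[:2]).lower()  # drop any sub-path
        yield n, repo, ref


def audit(text, path="<workflow>"):
    """Return one finding per unpinned remote action, in file order."""
    findings = []
    for n, repo, ref in parse_uses(text):
        if SHA_RE.match(ref):
            continue  # immutable pin
        findings.append({
            "path": path, "line": n, "repo": repo, "ref": ref or "(none)",
            "severity": "high" if repo in WATCHLIST else "medium",
        })
    return findings


def audit_files(paths):
    """Audit every workflow file given on the command line."""
    out = []
    for p in map(Path, paths):
        out.extend(audit(p.read_text(), str(p)))
    return out


# Constructed sample workflow; the SHA below is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Trivy
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: fs
      - name: KICS
        uses: checkmarx/kics-github-action@v2.1.3
      - uses: actions/setup-go@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local
"""

if __name__ == "__main__":
    results = audit_files(sys.argv[1:]) if len(sys.argv) > 1 else audit(SAMPLE_WORKFLOW)
    for f in results:
        print(f"{f['severity'].upper():6} {f['path']}:{f['line']} {f['repo']}@{f['ref']}")
```

Run it as `python audit_actions.py .github/workflows/*.yml` across your repositories; with no arguments it audits the constructed sample and reports the three unpinned steps, with the two watchlisted scanners marked high. Pinning to a SHA does not by itself protect a runner that already executed a tainted version, so the finding list is also the list of runners whose secrets need rotating.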
## Conclusion
TeamPCP's recent activity shows cloud control planes and CI supply chains being attacked by one actor with one set of recycled tooling. The practical responses follow directly from the incidents above: take Docker APIs, Redis, and Kubernetes endpoints off the public internet or put authentication in front of them; pin third-party GitHub Actions to full commit SHAs rather than mutable tags so a compromised upstream repository cannot silently repoint them; and treat any SSH key, cloud credential, or Kubernetes token that was present on a runner or workstation that ran the tainted Trivy or KICS versions as compromised, and rotate it.