Cybercrime Group TeamPCP Launches Destructive Wiper Attack on Iranian Systems via Cloud Worm

2026-05-02 07:27:18

Introduction

A financially motivated cybercrime group known as TeamPCP has escalated its operations by deploying a wiper worm that specifically targets systems in Iran. The worm, dubbed CanisterWorm, spreads through poorly secured cloud services and wipes data on machines configured to Iran's time zone or using Farsi as the default language. This campaign, which emerged over the weekend of March 19–20, 2025, marks a significant shift from the group's earlier data-theft and extortion activities.

Cybercrime Group TeamPCP Launches Destructive Wiper Attack on Iranian Systems via Cloud Worm
Source: krebsonsecurity.com

TeamPCP: A New Player in Cloud Exploitation

TeamPCP is a relatively new cybercriminal group that first gained attention in December 2024. Rather than relying on novel exploits, the group excels at automating and integrating well-known attack techniques. It targets exposed cloud infrastructure—primarily Docker APIs, Kubernetes clusters, and Redis servers—along with the React2Shell vulnerability to compromise corporate environments. According to a January 2025 profile by security firm Flare, the group weaponizes exposed control planes rather than endpoints, with Azure (61%) and AWS (36%) accounting for 97% of compromised servers.

Flare's Assaf Morag noted, "TeamPCP's strength does not come from novel exploits or original malware, but from the large-scale automation and integration of well-known attack techniques. The group industrializes existing vulnerabilities, misconfigurations, and recycled tooling into a cloud-native exploitation platform that turns exposed infrastructure into a self-propagating criminal ecosystem."

Initial Operations

In late 2024, TeamPCP began compromising corporate cloud environments using a self-propagating worm. Once inside, they moved laterally through victim networks, stealing authentication credentials and extorting victims via Telegram. Their modus operandi involved compromising exposed cloud services, then using stolen credentials to escalate privileges and expand their foothold.

The Trivy Supply Chain Attack

On March 19, 2025, TeamPCP executed a significant supply chain attack against Trivy, a vulnerability scanner developed by Aqua Security. The attackers injected credential-stealing malware into official releases on GitHub Actions. Aqua Security quickly removed the harmful files, but security firm Wiz reported that the attackers had published malicious versions capable of exfiltrating SSH keys, cloud credentials, Kubernetes tokens, and cryptocurrency wallets from users.

This attack demonstrated TeamPCP's ability to compromise trusted software supply chains and highlighted their focus on cloud-native environments. The same technical infrastructure used in the Trivy attack was later leveraged to deploy the new wiper payload.

The CanisterWorm Wiper

Charlie Eriksen, a security researcher at Aikido, identified the wiper component as CanisterWorm. The name derives from the group's use of an Internet Computer Protocol (ICP) canister—a tamperproof, blockchain-based smart contract system—to orchestrate their campaigns. On March 22, 2025, Eriksen published a blog post detailing how the worm determines whether to execute a wiper attack.

The worm checks the victim's time zone and locale. If both correspond to Iran (the UTC+3:30 time zone and a Farsi locale), the wiper activates. If the affected system has access to a Kubernetes cluster, the worm destroys data on every node in that cluster; otherwise, it wipes the local machine. "If it doesn't, it will just wipe the local machine," Eriksen told KrebsOnSecurity.

Technical Details

The wiper payload is deployed via the same cloud infrastructure TeamPCP used in the Trivy attack. Security researchers at Aikido observed that the worm spreads automatically through exposed cloud services, including Docker APIs and Kubernetes clusters. The worm's self-propagating nature makes it particularly dangerous in multi-cloud environments where misconfigurations are common.

Implications for Cloud Security

This campaign underscores the growing threat of cloud-native attacks. TeamPCP's wiper not only destroys data but also disrupts operations, potentially causing significant financial and reputational damage. The group's focus on Iran suggests geopolitical motivations, though their primary driver remains financial. In previous operations, TeamPCP extorted victims over Telegram, but the wiper attack indicates a willingness to cause permanent harm.

Organizations should review their cloud security posture, ensuring that services like Docker and Kubernetes are not exposed unnecessarily. Strong authentication, regular patching, and monitoring for suspicious lateral movement are critical defenses. The Trivy supply chain attack also highlights the need to verify the integrity of software updates, especially those obtained from public repositories.
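As an added example that is not from the article, KrebsOnSecurity, or any of the firms it cites: a small Python audit of the two configuration files behind the exposed Docker API and Redis services this paragraph names, with a constructed weak configuration beside its hardened counterpart. The sample configs, the 10.0.0.5 address and the password placeholder are assumptions.

```python
import json

# Constructed sample configs (not from any real host): weak form beside hardened form.
WEAK_DAEMON_JSON = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'
SAFE_DAEMON_JSON = ('{"hosts": ["unix:///var/run/docker.sock", "tcp://10.0.0.5:2376"],'
                    ' "tlsverify": true, "tlscacert": "/etc/docker/ca.pem"}')
WEAK_REDIS_CONF = "bind 0.0.0.0\nprotected-mode no\nport 6379\n"
SAFE_REDIS_CONF = "bind 127.0.0.1 -::1\nprotected-mode yes\nrequirepass REPLACE_WITH_STRONG_SECRET\n"

def audit_docker_daemon(daemon_json: str) -> list[str]:
    """Flag dockerd 'hosts' entries that put the Docker API on TCP:
    a wildcard bind, and any TCP listener without tlsverify."""
    cfg = json.loads(daemon_json)
    findings = []
    for host in cfg.get("hosts", []):
        if not host.startswith("tcp://"):
            continue  # unix:// and fd:// sockets are local-only
        addr = host[len("tcp://"):]
        if addr.startswith(("0.0.0.0", "[::]", ":")):
            findings.append(f"Docker API bound to all interfaces: {host}")
        if not cfg.get("tlsverify", False):
            findings.append(f"Docker API over TCP without tlsverify: {host}")
    return findings

def audit_redis_conf(redis_conf: str) -> list[str]:
    """Flag a Redis listener reachable beyond loopback with no password."""
    settings = {}
    for raw in redis_conf.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition(" ")
            settings[key] = value.strip()
    # No 'bind' directive means Redis listens on every interface.
    bind = settings.get("bind")
    all_ifaces = bind is None or any(
        t.lstrip("-") in ("0.0.0.0", "::", "*", "::*") for t in bind.split())
    no_auth = "requirepass" not in settings
    protected = settings.get("protected-mode", "yes").lower() != "no"
    findings = []
    if all_ifaces and no_auth and not protected:
        findings.append("Redis on all interfaces, no requirepass, protected-mode off")
    elif all_ifaces and no_auth:
        findings.append("Redis on all interfaces without requirepass (protected-mode is the only guard)")
    return findings

if __name__ == "__main__":
    print(audit_docker_daemon(WEAK_DAEMON_JSON), audit_docker_daemon(SAFE_DAEMON_JSON))
    print(audit_redis_conf(WEAK_REDIS_CONF), audit_redis_conf(SAFE_REDIS_CONF))
```

The weak Docker config yields two findings and the weak Redis config one; both hardened configs yield none.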

Conclusion

TeamPCP's CanisterWorm campaign represents a dangerous evolution in cybercrime, combining self-propagating worms with destructive wipers. By targeting Iranian systems, the group demonstrates that even financially motivated attackers can cause significant geopolitical disruption. As cloud computing continues to grow, security teams must remain vigilant against groups that industrialize known vulnerabilities.

For further reading on TeamPCP's earlier activities, see the profile above. Details on the Trivy attack are available in the relevant section, and technical specifics of the wiper are discussed in the CanisterWorm section.
