MalwareMay 7, 2026
Threat actors are in a turf war for ownership of your infrastructure. @LabsSentinel has uncovered...
PCPJack cloud credential worm evicts rival TeamPCP in infrastructure turf war.
Summary
Sentinel Labs has discovered PCPJack, a cloud credential worm that targets infrastructure by hunting and removing competing malware, specifically conducting a 'scorched-earth' eviction campaign against the rival TeamPCP group. This represents a new form of malware competition where threat actors actively displace one another for control of compromised cloud environments. The discovery highlights the aggressive nature of modern credential-stealing threats in shared infrastructure.
Indicators of Compromise
- malware — PCPJack
- malware — TeamPCP
Entities
TeamPCP (threat_actor)Sentinel Labs (vendor)