PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network
ID: 13351c12-82b4-5288-8585-0fc73d407aa4
STIX ID: report--13351c12-82b4-5288-8585-0fc73d407aa4
Feed Name: Security Affairs
PCPJack compromised 230 cloud-hosted servers on AWS, Google Cloud, and Azure and instrumented them with Sliver implants and Chisel tunnels to create a monitored, self-healing SMTP relay network. Researchers discovered the operation after the actor left deployment toolkits, logs, and C2 files in an open, unauthenticated directory. The exposed files reveal the full deployment, persistence, verification, and proxy-enrichment workflows and suggest large-scale email abuse (spam/phishing) as the likely objective.
