After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
ID: d3562615-054a-5899-ab97-cbb35a30d2c3
STIX ID: report--d3562615-054a-5899-ab97-cbb35a30d2c3
Feed Name: Dark Reading
PCPJack is a modular, Python-based cloud worm reported by SentinelLabs. It steals a wide range of secrets (cloud, container, developer, productivity, financial-services and crypto-wallet credentials) and removes competing TeamPCP tooling from the hosts it takes over. A bootstrap module establishes persistence, a monitoring component conceals its activity, and a sorting stage categorizes the stolen secrets. It moves laterally through Kubernetes, Docker, SSH and Redis, and, unusually, draws on Common Crawl parquet files to discover pre-validated targets. It carries no cryptominer and appears optimized for rapid credential and wallet theft, so organizations should keep secrets in a vault, require MFA for service accounts, and follow cloud security best practices.
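The report says the worm harvests credentials across several categories and sorts them. The defender-side counterpart is to scan your own hosts and artifacts for the same plaintext credentials before a stealer does. The script below is an added example, not code from SentinelLabs or from PCPJack: it scans text for well-known credential formats and groups hits into the report's categories, redacting values so the output itself is safe to log. The token regexes follow each vendor's publicly documented prefix format; the category assignments, the `PATTERNS` table and the `SAMPLE` input are assumptions constructed for this example.

```python
"""Scan text for the credential types a cloud-stealing worm harvests and sort
them into the report's categories. Added example, not code from SentinelLabs
or from PCPJack. Token prefixes (AKIA/ASIA, ghp_, sk_live_) are the vendors'
documented formats; category assignment and sample input are assumptions."""
import re
import sys
from collections import defaultdict

# (category, kind, regex). Capture group 1, when present, is the secret value.
PATTERNS = [
    ("cloud",     "aws_access_key_id",
     re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("cloud",     "aws_secret_key",
     re.compile(r"(?i)aws_secret_access_key\s*[=:]\s*([A-Za-z0-9/+]{40})")),
    ("cloud",     "gcp_service_account",
     re.compile(r'"private_key_id"\s*:\s*"([0-9a-f]{40})"')),
    ("container", "docker_registry_auth",
     re.compile(r'"auth"\s*:\s*"([A-Za-z0-9+/=]{16,})"')),
    ("container", "k8s_bearer_token",   # three base64url segments, JWT shape
     re.compile(r"eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}")),
    ("developer", "github_pat",
     re.compile(r"\bghp_[A-Za-z0-9]{36}\b")),
    ("developer", "npm_token",
     re.compile(r"//registry\.npmjs\.org/:_authToken=([A-Za-z0-9_-]{20,})")),
    ("developer", "private_key_block",
     re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")),
    ("financial", "stripe_live_key",
     re.compile(r"\bsk_live_[0-9A-Za-z]{24,}\b")),
    ("crypto",    "eth_keystore",       # geth-style keystore JSON
     re.compile(r'"crypto"\s*:\s*\{[^}]*"ciphertext"')),
]


def redact(secret):
    """Keep enough prefix to identify the token type, never the whole value."""
    return secret[:4] + "*" * (len(secret) - 4)


def classify_secrets(text):
    """Return {category: [(kind, redacted_match), ...]} for every hit in text."""
    found = defaultdict(list)
    for category, kind, rx in PATTERNS:
        for m in rx.finditer(text):
            value = m.group(1) if m.groups() else m.group(0)
            found[category].append((kind, redact(value)))
    return dict(found)


def exposure_summary(text):
    """Hit counts per category: the first view a responder wants."""
    return {cat: len(hits) for cat, hits in classify_secrets(text).items()}


# Constructed sample: a .env file, a Docker config and an .npmrc with fake
# values (the AWS pair is Amazon's documented example key, not a live one).
SAMPLE = r"""
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
GITHUB_TOKEN=ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdef0123
STRIPE_KEY=sk_live_ABCDEFGHIJKLMNOPQRSTUVWX
{"auths": {"registry.example.com": {"auth": "dXNlcjpwYXNzd29yZA=="}}}
//registry.npmjs.org/:_authToken=npm_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123
"""

if __name__ == "__main__":
    # Scan stdin if piped, otherwise the constructed sample.
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE
    for cat, hits in sorted(classify_secrets(data).items()):
        for kind, shown in hits:
            print(f"{cat:10s} {kind:22s} {shown}")
    print(exposure_summary(data))
```

Run it over `env`, shell history, CI logs or an image layer (`docker save ... | tar -xO ...`) to see what a stealer landing on that host would collect; anything it reports belongs in a vault, not on disk. The fixed-length patterns are deliberately anchored on word boundaries so a 21-character string that merely starts with `AKIA` is not reported.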
