Cybersecurity researchers have uncovered a significant, widespread cyberattack campaign targeting cloud-native environments, a sophisticated operation designed to establish malicious infrastructure for subsequent criminal activities. The campaign, observed around December 25, 2025, utilizes a worm-driven approach to compromise exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers. A critical component of this attack vector is the recently disclosed React2Shell vulnerability (CVE-2025-55182), which carries a CVSS score of 10.0, indicating its severity. This extensive operation has been attributed to a threat group known as TeamPCP, also recognized by aliases such as DeadCatx3, PCPcat, PersyPCP, and ShellForce.
TeamPCP has been an active threat actor since at least November 2025, with initial evidence of their activity appearing on Telegram dating back to July 30, 2025. The group’s Telegram channel currently boasts over 700 members, where they showcase stolen data from victims across various countries, including Canada, Serbia, South Korea, the UAE, and the United States. The threat actor’s modus operandi was first detailed by Beelzebub in December 2025 under the name Operation PCPcat. According to Assaf Morag, a security researcher at Flare, the primary objectives of this operation are to construct a distributed proxy and scanning infrastructure at scale, subsequently compromise servers for data exfiltration, deploy ransomware, engage in extortion, and mine cryptocurrencies.
TeamPCP’s Cloud-Native Cybercrime Campaign
TeamPCP is operating as a comprehensive cloud-native cybercrime platform. Their primary infiltration pathways into modern cloud infrastructure involve exploiting misconfigured Docker APIs, Kubernetes APIs, Ray dashboards, Redis servers, and vulnerable React/Next.js applications. These compromised environments are then repurposed for a wide array of malicious uses, including cryptocurrency mining, hosting illicit data, and serving as proxy or command-and-control (C2) relays.
Rather than innovating with novel attack techniques, TeamPCP leverages established and well-understood methods. This includes the utilization of existing tools, exploitation of known vulnerabilities, and taking advantage of prevalent misconfigurations. This strategic approach allows them to efficiently build an exploitation platform that automates and industrializes the entire compromise process, effectively transforming the exposed infrastructure into a self-propagating criminal ecosystem, as noted by Flare.
Infection Pathways and Payload Deployment
Successful exploitation opens the door for the deployment of next-stage payloads from external servers. These payloads often consist of shell and Python-based scripts designed to actively seek out new targets for further propagation. A key component is a tool referred to as “proxy.sh,” which is responsible for installing proxy, peer-to-peer (P2P), and tunneling utilities. It also delivers various scanners that continuously probe the internet for vulnerable and misconfigured servers.
Morag highlighted that “proxy.sh” fingerprints its environment at runtime. The script specifically checks whether it is running inside a Kubernetes cluster. If a Kubernetes environment is detected, the script takes a distinct execution path and delivers a cluster-specific secondary payload. This indicates that TeamPCP employs tailored tooling and techniques for cloud-native targets, rather than relying solely on generic Linux malware.
Other notable payloads identified include:
- scanner.py: This script is designed to locate misconfigured Docker APIs and Ray dashboards by downloading lists of Classless Inter-Domain Routing (CIDR) blocks from a GitHub account associated with “DeadCatx3.” It also offers functionalities to run a cryptocurrency miner named “mine.sh.”
- kube.py: This payload incorporates Kubernetes-specific features for harvesting cluster credentials and performing API-based discovery of resources like pods and namespaces. It then deploys “proxy.sh” into accessible pods to enable broader propagation and establish a persistent backdoor by deploying a privileged pod on each node that mounts the host.
- react.py: This script exploits the React flaw (CVE-2025-29927) to achieve remote command execution across a large number of targets.
- pcpcat.py: This tool is engineered to discover exposed Docker APIs and Ray dashboards across extensive IP address ranges. It then automatically deploys a malicious container or job that executes a Base64-encoded payload.
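The persistence step described for kube.py, a privileged pod on every node that mounts the host, is also the most recognisable artefact it leaves in the cluster. Below is an added example, not code from the campaign or from the researchers, that audits Kubernetes objects for exactly that shape: privileged containers, host namespaces, and hostPath mounts of the node filesystem. It goes slightly beyond the single case in the text by accepting Pod objects as well as workloads that carry a pod template (DaemonSet, Deployment, and the like). The two sample objects are constructed; `audit_workload` and `pod_spec_of` are names this example introduces.

```python
from typing import Any

# Constructed sample objects (not from the article). The first mirrors the
# persistence pattern: a privileged container on every node with the host
# root mounted. The second is an ordinary, properly restricted workload.
SUSPICIOUS_DAEMONSET: dict[str, Any] = {
    "kind": "DaemonSet",
    "metadata": {"name": "node-helper", "namespace": "kube-system"},
    "spec": {"template": {"spec": {
        "hostPID": True,
        "containers": [{
            "name": "helper",
            "image": "alpine",
            "securityContext": {"privileged": True},
            "volumeMounts": [{"name": "host", "mountPath": "/host"}],
        }],
        "volumes": [{"name": "host", "hostPath": {"path": "/"}}],
    }}},
}

BENIGN_POD: dict[str, Any] = {
    "kind": "Pod",
    "metadata": {"name": "web", "namespace": "default"},
    "spec": {"containers": [{
        "name": "web",
        "image": "nginx",
        "securityContext": {"privileged": False,
                            "allowPrivilegeEscalation": False},
    }]},
}


def pod_spec_of(obj: dict[str, Any]) -> dict[str, Any]:
    """Return the pod spec, unwrapping the template of workload kinds."""
    if obj.get("kind") == "Pod":
        return obj.get("spec", {})
    return obj.get("spec", {}).get("template", {}).get("spec", {})


def audit_workload(obj: dict[str, Any]) -> list[str]:
    """Return findings for one Kubernetes object (empty list = nothing found)."""
    meta = obj["metadata"]
    name = f"{obj['kind']}/{meta.get('namespace', 'default')}/{meta['name']}"
    spec = pod_spec_of(obj)
    findings: list[str] = []

    # Host namespaces give a container visibility into node processes/network.
    for flag in ("hostPID", "hostNetwork", "hostIPC"):
        if spec.get(flag):
            findings.append(f"{name}: {flag} enabled")

    # Map volume name -> host path so mounts can be resolved per container.
    host_volumes = {v["name"]: v["hostPath"]["path"]
                    for v in spec.get("volumes", []) if "hostPath" in v}

    for c in spec.get("containers", []) + spec.get("initContainers", []):
        if c.get("securityContext", {}).get("privileged"):
            findings.append(f"{name}: container {c['name']} is privileged")
        for mount in c.get("volumeMounts", []):
            path = host_volumes.get(mount["name"])
            if path is None:
                continue
            what = "host root filesystem" if path == "/" else f"hostPath {path}"
            findings.append(f"{name}: container {c['name']} mounts {what} "
                            f"at {mount['mountPath']}")
    return findings


def audit_all(objects: list[dict[str, Any]]) -> list[str]:
    """Audit a list of objects, e.g. the .items of a kubectl JSON dump."""
    return [f for obj in objects for f in audit_workload(obj)]


if __name__ == "__main__":
    for finding in audit_all([SUSPICIOUS_DAEMONSET, BENIGN_POD]):
        print(finding)
```

To run it against a live cluster, feed it the `items` array of `kubectl get pods,daemonsets,deployments -A -o json`. A hit in `kube-system` with a generic name, as in the constructed sample, deserves the same scrutiny as one anywhere else; the namespace does not vouch for the workload.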
Data gathered by cybersecurity firms indicates that the threat actors primarily target environments hosted on Amazon Web Services (AWS) and Microsoft Azure. The attacks are assessed to be opportunistic, focusing on infrastructure that aligns with their objectives rather than specific industries. Consequently, organizations utilizing such infrastructure can become “collateral victims” of this extensive attack campaign.
The C2 server node identified at the IP address 67.217.57[.]240 has also been linked to the operation of Sliver, an open-source C2 framework frequently abused by threat actors for post-exploitation activities. The PCPcat campaign exemplifies a complete attack lifecycle, encompassing scanning, exploitation, persistence, tunneling, data theft, and monetization, all meticulously engineered for modern cloud infrastructure. The danger posed by TeamPCP stems not from technical innovation, but from their operational integration and the sheer scale of their operations. In-depth analysis reveals that many of their exploits and malware are derived from well-known vulnerabilities and lightly modified open-source tools.
Hybrid Monetization Strategy
Simultaneously, TeamPCP combines infrastructure exploitation with data theft and extortion. Leaked CV databases, identity records, and corporate data are published through their “ShellForce” platform, serving to fuel ransomware operations, facilitate fraud, and build their cybercrime reputation. This hybrid monetization model allows the group to profit from both computational resources and sensitive information, providing them with diverse revenue streams and enhanced resilience against takedown efforts.
The ongoing nature of this campaign suggests that organizations relying on cloud-native architectures must remain vigilant. Future activities will likely focus on adapting to new vulnerabilities and further refining their operational efficiency. As TeamPCP continues to evolve its tactics, continuous monitoring and proactive security measures will be crucial for mitigating the risks associated with such pervasive cloud-native threats.