The remaining modules, which are imported by the orchestrator, were designed for specific purposes, including credential parsing, lateral movement, command-and-control (C&C) message encryption, cloud IP range lookups, and cloud scanning.

From the local system, PCPJack can steal .env and configuration files, environment variables, SSH keys, cryptocurrency wallets, credentials, and tokens for various web apps and cloud services, including AWS, Kubernetes, Docker, Gmail, GitHub, Office 365/Outlook, RayML, Slack, and WordPress.

“The types of credentials collected by the framework suggest PCPJack’s targeting motivations are primarily to conduct spam campaigns and financial fraud, or to simply monetize stolen credentials to actors with these focuses. The inclusion of enterprise productivity software like Slack and business database services expands the focus to extortion attacks,” SentinelOne says.

PCPJack performs system reconnaissance to identify assets the machine connects to, attempts lateral movement, and downloads Parquet files from Common Crawl to identify additional targets over the internet and attempt to infect them.

The spreading module targets known vulnerabilities in web applications, including CVE-2025-29927 (Next.js), CVE-2025-55182 (React2Shell), CVE-2026-1357 (WPVivid Backup plugin for WordPress), CVE-2025-9501 (W3 Total Cache plugin for WordPress), and CVE-2025-48703 (CentOS Web Panel).

PCPJack also attempts to use the extracted credentials to propagate across Kubernetes, Docker, Redis, RayML, and MongoDB deployments, and leverages SSH keys to execute the initial script on remote machines. The framework uses Telegram for C&C and encrypts the data sent to its channel.

During its investigation into the framework, SentinelOne identified a second toolset associated with the threat actor, which includes Sliver implants and credential theft across dozens of cloud services, including Anthropic, Digital Ocean, Discord, Google API, and others, as well as those targeted by PCPJack.

“Overall, the two toolsets are well developed and indicate that the owner values making code as a modular framework, despite some redundancies in behavior. The occasional operational security lapses were interesting, particularly their choice to encrypt everything except for Telegram credentials and their own alleged infrastructure,” SentinelOne notes.
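A defender-side triage of egress proxy logs for the Telegram C&C pattern the article describes, added here as an example that is not part of the SecurityWeek article or SentinelOne's report. The log layout, the host-naming convention used to tell servers from user endpoints, and the api.telegram.org hostname are assumptions; the sample log lines are constructed.

```python
import re
from collections import defaultdict

# Assumed Telegram Bot API hostname (not named on the page). Constructed log layout:
# "<timestamp> <src_host> <dst_host> <method> <path> <bytes_out>", as a TLS-inspecting proxy might emit.
TELEGRAM_API_HOSTS = {"api.telegram.org"}
# Bot API requests use the path form /bot<token>/<method>; the token is matched only
# to recognise the shape and is never reported.
BOT_PATH = re.compile(r"^/bot(?P<token>[^/]+)/(?P<method>[A-Za-z]+)")
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<dst>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<bytes>\d+)$"
)

def is_server_host(name: str) -> bool:
    # Assumed naming convention: these prefixes denote server-class hosts that have
    # no legitimate reason to talk to a messaging bot API.
    return name.split("-")[0] in {"build", "ci", "web", "db", "k8s"}

def find_telegram_c2(lines):
    """Aggregate Bot API traffic per server host: request count, bytes out, methods used."""
    findings = defaultdict(lambda: {"requests": 0, "bytes_out": 0, "methods": set()})
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # malformed line; ignore
        if m["dst"] not in TELEGRAM_API_HOSTS or not is_server_host(m["src"]):
            continue
        bp = BOT_PATH.match(m["path"])
        f = findings[m["src"]]
        f["requests"] += 1
        f["bytes_out"] += int(m["bytes"])
        f["methods"].add(bp["method"] if bp else "non-bot-path")
    return dict(findings)

# Constructed sample: a web server uploading a document and sending a message through
# a bot (flagged), a user laptop polling a bot (not flagged), and a benign package fetch.
SAMPLE_LOG = [
    "2026-03-01T10:00:01Z web-07 api.telegram.org POST /botREDACTED/sendDocument 48213",
    "2026-03-01T10:00:02Z laptop-42 api.telegram.org GET /botREDACTED/getUpdates 120",
    "2026-03-01T10:00:03Z web-07 api.telegram.org POST /botREDACTED/sendMessage 2301",
    "2026-03-01T10:00:04Z web-07 pypi.org GET /simple/requests/ 5120",
]

if __name__ == "__main__":
    for host, f in find_telegram_c2(SAMPLE_LOG).items():
        print(f"{host}: {f['requests']} bot-API requests, {f['bytes_out']} bytes out, {sorted(f['methods'])}")
```

Because the framework encrypts the message body, the content itself is not inspectable; the signal is a server-class host issuing sendDocument or sendMessage calls at all, and the outbound byte count hints at how much was exfiltrated.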

Source: SecurityWeek