TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials
Summary
TeamPCP weaponised supply-chain compromises of open-source projects (Trivy, KICS, LiteLLM and Telnyx) to deploy infostealer malware and harvest credentials, API keys, SSH keys and other secrets. After validating stolen secrets (using tools such as Trufflehog), the actors quickly moved into cloud and SaaS environments — notably AWS, Azure and GitHub — performed extensive enumeration (IAM roles, S3 buckets, ECS instances), abused features like ECS Exec to run commands inside containers, and exfiltrated data from S3 and AWS Secrets Manager. Wiz Research investigated multiple post-compromise incidents and published indicators of compromise; affected organisations are urged to rotate and revoke credentials and hunt for anomalous activity.
Key Points
- TeamPCP injected infostealers into compromised open-source projects to harvest secrets and credentials.
- Stolen secrets were validated rapidly (use of Trufflehog was observed) and weaponised in as little as 24 hours.
- Compromises affected multiple cloud and SaaS environments (AWS, Azure, GitHub and others), not just a single provider.
- Attackers conducted broad enumeration (IAM, S3, ECS) and abused ECS Exec and GitHub workflows/PATs to execute code and clone repos at scale.
- Wiz advises immediate rotation/revocation of all secrets, enabling audit logging and active threat hunting for suspicious activity.
- Look for IOCs and warning signs such as mass git.clone events, unusual VPN usage and rapid enumeration behaviour.
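As an added defensive illustration (not code from the Wiz report or from any vendor tooling), the Python sketch below shows one way to hunt CloudTrail for the pattern described above: a burst of IAM/S3/ECS enumeration by one principal followed, within minutes, by ECS ExecuteCommand or a Secrets Manager read. The ten-minute window, the five-call threshold and the log records are all constructed assumptions.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta
# Hypothetical detector: flag a principal whose ECS ExecuteCommand or secret
# read follows a burst of List*/Describe*/Get* enumeration in the same window.
ENUM_PREFIXES = ("List", "Describe", "Get")
HIGH_RISK = {("ecs.amazonaws.com", "ExecuteCommand"),
             ("secretsmanager.amazonaws.com", "GetSecretValue")}

def parse_event(line):
    # Reduce one CloudTrail JSON record to the fields the detector needs.
    raw = json.loads(line)
    return {"principal": raw["userIdentity"]["arn"], "source": raw["eventSource"],
            "name": raw["eventName"],
            "time": datetime.strptime(raw["eventTime"], "%Y-%m-%dT%H:%M:%SZ")}

def find_suspicious(events, window=timedelta(minutes=10), min_enum=5):
    # {principal: [high-risk eventNames]} where >= min_enum enumeration calls preceded the call inside `window`
    by_principal = defaultdict(list)
    for ev in events:
        by_principal[ev["principal"]].append(ev)
    findings = {}
    for principal, evs in by_principal.items():
        enum_times = [e["time"] for e in evs if e["name"].startswith(ENUM_PREFIXES)
                      and (e["source"], e["name"]) not in HIGH_RISK]
        for e in evs:
            if (e["source"], e["name"]) not in HIGH_RISK:
                continue
            recent = [t for t in enum_times if e["time"] - window <= t <= e["time"]]
            if len(recent) >= min_enum:
                findings.setdefault(principal, []).append(e["name"])
    return findings
def _rec(t, src, name, arn):  # builds one constructed CloudTrail record
    return json.dumps({"eventTime": t, "eventSource": src, "eventName": name,
                       "userIdentity": {"arn": arn}})
CI = "arn:aws:iam::123456789012:user/ci-deploy"  # constructed: leaked CI key
DEV = "arn:aws:iam::123456789012:user/alice"     # constructed: normal usage
SAMPLE_LOG = [  # constructed sample, not real telemetry
    _rec("2025-01-10T03:00:05Z", "iam.amazonaws.com", "ListUsers", CI),
    _rec("2025-01-10T03:00:06Z", "iam.amazonaws.com", "ListRoles", CI),
    _rec("2025-01-10T03:00:09Z", "s3.amazonaws.com", "ListBuckets", CI),
    _rec("2025-01-10T03:00:12Z", "ecs.amazonaws.com", "ListClusters", CI),
    _rec("2025-01-10T03:00:13Z", "ecs.amazonaws.com", "DescribeTasks", CI),
    _rec("2025-01-10T03:01:40Z", "ecs.amazonaws.com", "ExecuteCommand", CI),
    _rec("2025-01-10T03:02:10Z", "secretsmanager.amazonaws.com", "GetSecretValue", CI),
    _rec("2025-01-10T09:45:00Z", "secretsmanager.amazonaws.com", "GetSecretValue", DEV),
]

def scan(lines=SAMPLE_LOG):
    return find_suspicious([parse_event(ln) for ln in lines])
```

Real hunts would read CloudTrail from S3 or CloudTrail Lake and tune the window and threshold to the account's baseline; the point here is the shape of the signal, not the thresholds.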
Context and Relevance
This incident highlights a dangerous trajectory: supply-chain compromises feeding rapid credential theft and then cloud takeover. For any organisation using open-source dependencies, CI/CD pipelines or cloud services, the story reinforces that identity and secrets hygiene — plus speed of response — are critical. Attackers now favour speed over stealth, reusing validated credentials across environments to multiply impact, so monitoring, rotation and audit trails are essential defences.
Why should I read this?
Short version: if you use open-source stuff or run things in the cloud, pay attention. TeamPCP turned poisoned packages into stolen keys, then into cloud breaches — often within a day. Read this so you know what to rotate, what to hunt for, and how to harden monitoring before you become the next quick win for attackers.
