Overview
- Security teams report that TeamPCP’s ICP canister used for command and control was taken down after a short active window over the weekend, and there is no confirmed evidence of widespread data wiping.
- The same Internet Computer Protocol canister, backdoor code, and /tmp/pglog drop path tie Aqua Security’s Trivy compromise to malicious npm and GitHub packages in the campaign researchers call CanisterWorm.
- The worm checks for an Iranian locale or the Tehran timezone and, when it finds Kubernetes, deploys a DaemonSet named host-provisioner-iran that runs Alpine "kamikaze" pods to delete top-level host folders and force reboots.
- On non-Iranian Kubernetes clusters the malware instead installs a persistent Python backdoor via a DaemonSet named host-provisioner-std; newer variants also spread laterally by parsing SSH logs and reusing stolen private keys.
- Researchers describe a shift toward abusing exposed Docker and Kubernetes control planes and CI/CD tokens, which can turn developers and build systems into unwitting spreaders unless credentials are rotated and dependencies are checked.
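A quick hunt for the DaemonSet behaviour described in the points above, written as an added example for this page rather than code from the reporting or from any affected project. It treats the two DaemonSet names as exact indicators (an assumption; the reporting may use slightly different spellings) and otherwise flags behaviour a wiper or host backdoor needs regardless of name: a hostPath mount of `/`, privileged containers, host PID or network namespaces, and argv that deletes host paths, reboots, or references the `/tmp/pglog` drop path. The DaemonSet list at the bottom is constructed for illustration; on a real cluster you would feed `hunt()` the parsed output of `kubectl get daemonsets -A -o json`.

```python
"""Hunt a cluster's DaemonSets for the CanisterWorm traits described above.

Added example, not code from the reporting or from any affected project.
The DaemonSet list below is constructed for illustration; on a live cluster
feed hunt() the output of `kubectl get daemonsets -A -o json`.
"""
import json
import re

# DaemonSet names attributed to the campaign (assumed exact; treat as IOCs).
IOC_NAMES = {"host-provisioner-iran", "host-provisioner-std"}
# Behavioural indicators worth flagging regardless of the name used.
DESTRUCTIVE_ARGV = re.compile(r"rm\s+-rf\s+/|\breboot\b|/tmp/pglog")


def suspicious_traits(ds):
    """Return the list of suspicious traits found on one DaemonSet object."""
    traits = []
    name = ds["metadata"]["name"]
    if name in IOC_NAMES:
        traits.append("known IOC name " + name)
    pod = ds["spec"]["template"]["spec"]
    if pod.get("hostPID") or pod.get("hostNetwork"):
        traits.append("shares host PID or network namespace")
    # A hostPath mount of / hands the pod write access to every top-level host folder.
    for vol in pod.get("volumes", []):
        if vol.get("hostPath", {}).get("path") == "/":
            traits.append("hostPath mount of /")
    for c in pod.get("containers", []):
        if c.get("securityContext", {}).get("privileged"):
            traits.append("privileged container " + c["name"])
        argv = " ".join(c.get("command", []) + c.get("args", []))
        if DESTRUCTIVE_ARGV.search(argv):
            traits.append("destructive or IOC argv in " + c["name"])
    return traits


def hunt(daemonset_list):
    """Map 'namespace/name' to its traits for every DaemonSet that has any."""
    findings = {}
    for ds in daemonset_list["items"]:
        traits = suspicious_traits(ds)
        if traits:
            key = ds["metadata"]["namespace"] + "/" + ds["metadata"]["name"]
            findings[key] = traits
    return findings


# Constructed sample: one wiper-style DaemonSet, one backdoor-style one, and a
# legitimate monitoring agent that touches the host but stays within bounds.
SAMPLE = json.loads(r'''
{"items": [
  {"metadata": {"name": "host-provisioner-iran", "namespace": "kube-system"},
   "spec": {"template": {"spec": {
     "hostPID": true,
     "volumes": [{"name": "host", "hostPath": {"path": "/"}}],
     "containers": [{"name": "kamikaze", "image": "alpine:3.19",
       "securityContext": {"privileged": true},
       "command": ["sh", "-c", "rm -rf /host/etc /host/var; reboot -f"]}]}}}},
  {"metadata": {"name": "host-provisioner-std", "namespace": "kube-system"},
   "spec": {"template": {"spec": {
     "volumes": [{"name": "tmp", "hostPath": {"path": "/tmp"}}],
     "containers": [{"name": "agent", "image": "python:3-alpine",
       "command": ["python3", "/tmp/pglog"]}]}}}},
  {"metadata": {"name": "node-exporter", "namespace": "monitoring"},
   "spec": {"template": {"spec": {
     "volumes": [{"name": "proc", "hostPath": {"path": "/proc"}}],
     "containers": [{"name": "exporter", "image": "prom/node-exporter",
       "args": ["--path.procfs=/host/proc"]}]}}}}
]}
''')

if __name__ == "__main__":
    for key, traits in hunt(SAMPLE).items():
        print(key, "->", "; ".join(traits))
```

The name match is the cheap part and the first thing an attacker changes; the hostPath-of-`/` plus privileged combination is what actually lets a pod wipe the node, so keep those checks even once the named indicators are stale, and pair the hunt with rotating any kubeconfig, CI/CD and SSH credentials the cluster's developers held.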