‘CanisterWorm’ Springs Wiper Attack Targeting Iran – Krebs on Security
March 23, 2026
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language.

Experts say the wiper campaign against Iran materialized this past weekend and came from a relatively new cybercrime group known as TeamPCP. In December 2025, the group began compromising corporate cloud environments using a self-propagating worm that went after exposed Docker APIs, Kubernetes clusters, Redis servers, and the React2Shell vulnerability. TeamPCP then attempted to move laterally through victim networks, siphoning authentication credentials and extorting victims over Telegram.

[Figure: A snippet of the malicious CanisterWorm that seeks out and destroys data on systems that match Iran’s timezone or have Farsi as the default language. Image: Aikido.dev.]

In a profile of TeamPCP published in January, the security firm Flare said the group weaponizes exposed control planes rather than exploiting endpoints, predominantly targeting cloud infrastructure over end-user devices, with Azure (61%) and AWS (36%) accounting for 97% of compromised servers.

“TeamPCP’s strength does not come from novel exploits or original malware, but from the large-scale automation and integration of well-known attack techniques,” Flare’s Assaf Morag wrote. “The group industrializes existing vulnerabilities, misconfigurations, and recycled tooling into a cloud-native exploitation platform that turns exposed infrastructure into a self-propagating criminal ecosystem.”

On March 19, TeamPCP executed a supply chain attack against the vulnerability scanner Trivy from Aqua Security, injecting credential-stealing malware into official releases on GitHub Actions. Aqua Security said it has since removed the harmful files, but the security firm Wiz notes the attackers were able to publish malicious versions that snarfed SSH keys, cloud credentials, Kubernetes tokens and cryptocurrency wallets from users.

Over the weekend, the same technical infrastructure TeamPCP used in the Trivy attack was leveraged to deploy a new malicious payload which executes a wiper attack if the user’s timezone and locale are determined to correspond to Iran, said Charlie Eriksen, a security researcher at Aikido. In a blog post published on Sunday, Eriksen said if the wiper component detects that the victim is in Iran and has access to a Kubernetes cluster, it will destroy data on every node in that cluster. “If it doesn’t it will just wipe the local machine,” Eriksen told KrebsOnSecurity.

[Figure: Image: Aikido.dev.]

Aikido refers to TeamPCP’s infrastructure as “CanisterWorm” because the group orchestrates their campaigns using an Internet Computer Protocol (ICP) canister, a system of tamperproof, blockchain-based “smart contracts” that combine both code and data. ICP canisters can serve Web content directly to visitors, and their distributed architecture makes them resistant to takedown attempts. These canisters will remain reachable so long as their operators continue to pay virtual currency fees to keep them online.

Eriksen said the people behind TeamPCP are bragging about their exploits in a group on Telegram and claim to have used the worm to steal vast amounts of sensitive data from major companies, including a large multinational pharmaceutical firm.

“When they compromised Aqua a second time, they took a lot of GitHub accounts and started spamming these with junk messages,” Eriksen said. “It was almost like they were just showing off how much access they had. Clearly, they have an entire stash of these credentials, and what we’ve seen so far is probably a small sample of what they have.”

Security experts say the spammed GitHub messages could be a way for TeamPCP to ensure that any code packages tainted with their malware will remain prominent in GitHub searches. In a newsletter published today titled GitHub is Starting to Have a Real Malware Problem, Risky Business reporter Catalin Cimpanu writes that attackers often are seen pushing meaningless commits to their repos or using online services that sell GitHub stars and “likes” to keep malicious packages at the top of the GitHub search page.

This weekend’s outbreak is the second major supply chain attack involving Trivy in as many months. At the end of February, Trivy was hit as part of an automated threat called HackerBot-Claw, which mass exploited misconfigured workflows in GitHub Actions to steal authentication tokens. Eriksen said it appears TeamPCP used access gained in the first attack on Aqua Security to perpetrate this weekend’s mischief.

But he said there is no reliable way to tell whether TeamPCP’s wiper actually succeeded in trashing any data from victim systems, and that the malicious payload was only active for a short time over the weekend.

“They’ve been taking [the malicious code] up and down, rapidly changing it, adding new features,” Eriksen said, noting that when the malicious canister wasn’t serving up malware downloads it was pointing visitors to a Rick Roll video on YouTube.

“It’s a little all over the place, and there’s a chance this whole Iran thing is just their way of getting attention,” Eriksen said. “I feel like these people are really playing this Chaotic Evil role here.”

Cimpanu observed that supply chain attacks have increased in frequency of late as threat actors begin to grasp just how efficient they can be, and his post documents an alarming number of these incidents since 2024.

“While security firms appear to be doing a good job spotting this, we’re also gonna need GitHub’s security team to step up,” Cimpanu wrote. “Unfortunately, on a platform designed to copy (fork) a project and create new versions of it (clones), spotting malicious additions to clones of legitimate repos might be quite the engineering problem to fix.”

Update, 2:40 p.m. ET: Wiz is reporting that TeamPCP also pushed credential stealing malware to the KICS vulnerability scanner from Checkmarx, and that the scanner’s GitHub Action was compromised between 12:58 and 16:50 UTC today (March 23rd).
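The Trivy and KICS incidents above both involved malicious versions published under a trusted action's name, which is exactly what a workflow that references an action by a mutable tag or branch will silently pick up. As an added defensive example (not code from the article, Aikido, Wiz, or any of the projects named), the script below audits a workflow file for `uses:` references that are not pinned to a full 40-hex commit SHA. The action names and the SHA in the sample workflow are constructed placeholders.

```python
import re
from typing import List, NamedTuple

class Finding(NamedTuple):
    line: int
    action: str
    ref: str
    reason: str

# A fully pinned ref is a 40-hex-digit commit SHA. Tags (v1, 0.28.0) and
# branches (master, main) are mutable: whoever can publish to the action's
# repository can re-point them at a malicious commit, as in a release hijack.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"\s#]+)")
BRANCH_NAMES = {"main", "master", "develop", "dev"}

def classify_ref(ref: str) -> str:
    """Return 'sha' for an immutable commit pin, otherwise why it is mutable."""
    if SHA_RE.match(ref):
        return "sha"
    if ref in BRANCH_NAMES:
        return "branch ref (mutable)"
    if re.match(r"^v?\d+(\.\d+)*$", ref):
        return "version tag (mutable, can be re-pointed)"
    return "non-SHA ref (mutable)"

def find_unpinned_actions(workflow_text: str) -> List[Finding]:
    """Scan every `uses:` entry in a workflow and report mutable references."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        spec = m.group(1)
        if spec.startswith("./") or spec.startswith("docker://"):
            continue  # local actions and image refs are outside this check
        action, _, ref = spec.partition("@")
        kind = classify_ref(ref) if ref else "missing ref"
        if kind != "sha":
            findings.append(Finding(lineno, action, ref, kind))
    return findings

# Constructed sample workflow: action names and the SHA are placeholders.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/checkout-action@0123456789abcdef0123456789abcdef01234567 # v4 (placeholder)
      - uses: example-org/scanner-action@master
      - uses: example-org/lint-action@v1
      - uses: ./.github/actions/local-step
"""

if __name__ == "__main__":
    for f in find_unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {f.line}: {f.action}@{f.ref or '<none>'}: {f.reason}")
```

Pinning by SHA does not protect against a compromised commit that was already pinned, so the pin should be paired with a review of what the referenced commit contains when it is first adopted or bumped.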
This entry was posted on Monday 23rd of March 2026 11:43 AM. Categories: A Little Sunshine, Latest Warnings, Ne'er-Do-Well News, Ransomware, The Coming Storm. Tags: Aikido, Aqua Security, Assaf Morag, CanisterWorm, Catalin Cimpanu, Charlie Eriksen, Flare, ICP, Internet Computer Protocol, TeamPCP, Trivy, Wiz.
2 thoughts on “‘CanisterWorm’ Springs Wiper Attack Targeting Iran”
mark March 23, 2026
Interestingly, after the huge demonstrations a couple months ago, Iran shut down most of the Internet. Sorta kills the effect on Iranians of this attack.
Fred Trump March 23, 2026
The world would be a more stable place if the orange mental one hadn’t been coaxed into a Middle East war by Israel. “I’m the President of Peace and will start no new wars”. Then jumping back to 2011 he outed the facts about himself: “The President will start a war with Iran to cover his crimes and because he’s a terrible negotiator … “. One of these days, one of these days ….
According to a Krebs on Security report published on March 23, 2026, a financially motivated, data theft and extortion group, TeamPCP, is conducting a targeted wiper campaign against Iran. This campaign utilizes a worm that spreads through insufficiently secured cloud services, specifically targeting systems based in Iran due to their time zone and Farsi language settings. The worm’s destructive capability involves wiping data from affected systems, including Kubernetes clusters, and potentially individual machines.
TeamPCP's operational methodology, as detailed by the security firm Flare, centers on weaponizing exposed control planes rather than traditional endpoint exploitation. The group industrializes existing vulnerabilities and misconfigurations into a cloud-native exploitation platform, effectively transforming compromised infrastructure into a self-propagating criminal ecosystem. Its tactics include lateral movement to steal authentication credentials and the use of Telegram for extortion attempts.
A key element of TeamPCP’s strategy is the use of Internet Computer Protocol (ICP) canisters, tamper-proof, blockchain-based “smart contracts”, to orchestrate its campaigns. These canisters, kept online through virtual currency fees, remain reachable regardless of takedown attempts. Aikido, where security researcher Charlie Eriksen works, refers to this infrastructure as “CanisterWorm,” reflecting its mechanism of operation.
The attack chain began with TeamPCP’s supply chain attack against the Trivy vulnerability scanner from Aqua Security, which resulted in the injection of credential-stealing malware into official GitHub Actions releases. Aqua Security subsequently removed the malicious files, but Wiz noted the attackers’ ability to publish harmful versions that extracted SSH keys, cloud credentials, Kubernetes tokens, and cryptocurrency wallets.
Following the initial Trivy incident, TeamPCP leveraged the same infrastructure to deploy the wiper component, which activates when a system’s timezone and locale match Iran. The payload’s behavior is dynamic, frequently changing and incorporating new features, and at times the canister has redirected visitors to a Rick Roll video instead of serving malware. Notably, this activity has included spamming GitHub accounts with junk messages, and attackers more broadly are seen pushing meaningless commits and using online services to artificially inflate the visibility of malicious packages.
Catalin Cimpanu of Risky Business highlights a concerning trend: supply chain attacks have been increasing in frequency, driven by threat actors recognizing their efficiency. The incident with Trivy follows a similar automated threat involving HackerBot-Claw in February. Aikido’s Eriksen acknowledges that the ultimate success of the wiper attack remains uncertain, as the malicious payload was only active for a short time over the weekend.
Furthermore, the Aikido team has noted an ongoing shift in deployment tactics, with TeamPCP constantly adjusting the malicious canister, attempting to maintain its effectiveness. The group is reportedly boasting about their exploits in a Telegram group, and it is believed they have amassed a significant collection of compromised credentials.
Mailing list updates and further discussion regarding supply chain attacks and GitHub security were also cited in the report.