Self-propagating malware poisons open source software and wipes Iran-based machines


In an email, Aikido researcher Charlie Eriksen said the canister was taken down Sunday night and is no longer available.

“It wasn’t as reliable/untouchable as they expected,” Eriksen wrote. “But for some time, it will have wiped systems if infected.”

Like previous TeamPCP malware, CanisterWorm, as Aikido has named the malware, targets organizations’ CI/CD pipelines used for rapid development and deployment of software.

“Every developer or CI pipeline that installs this package and has an npm token accessible becomes an unwitting propagation vector,” Eriksen wrote. “Their packages get infected, their downstream users install those, and if any of them have tokens, the cycle repeats.”
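An added defensive check for the propagation vector described above (example code written for this page, not from the article or from Aikido): the CI install step refuses to proceed while a publish-capable npm token is reachable, and otherwise installs with lifecycle scripts disabled. The variable names NPM_TOKEN and NODE_AUTH_TOKEN and the .npmrc locations are assumptions about how a given pipeline carries its token.

```shell
#!/usr/bin/env bash
# Added example, not part of the article. A token in scope at install time is
# what lets a worm republish infected versions of the project's own packages,
# so the install step checks for one first.

# Returns 0 if an npm auth token is reachable, 1 otherwise.
# Arguments: .npmrc files to inspect (for example ~/.npmrc and ./.npmrc).
npm_token_reachable() {
  # Environment variables commonly used to pass a token into CI
  # (assumption: your pipeline uses one of these names).
  if [ -n "${NPM_TOKEN:-}" ] || [ -n "${NODE_AUTH_TOKEN:-}" ]; then
    return 0
  fi
  for f in "$@"; do
    # .npmrc lines of the form //registry.example/:_authToken=... carry a
    # token; comment lines starting with # are ignored.
    if [ -f "$f" ] && grep -Eq '^[^#]*:_authToken=' "$f"; then
      return 0
    fi
  done
  return 1
}

# Install dependencies only when no token is in scope, and with lifecycle
# scripts disabled so a malicious preinstall/postinstall cannot execute.
safe_install() {
  if npm_token_reachable "${HOME}/.npmrc" ./.npmrc; then
    echo "refusing: an npm token is reachable from this install step" >&2
    return 2
  fi
  npm ci --ignore-scripts
}
```

Publishing, if the pipeline needs it, belongs in a separate job that receives the token only after the install and build steps have completed.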

As the weekend progressed, CanisterWorm was updated to add an additional payload: a wiper that targets machines exclusively in Iran. When the updated worm infects a machine, it checks whether the machine is in the Iranian timezone or is configured for use in that country. When either condition is met, the malware no longer activates the credential stealer and instead triggers a new wiper that TeamPCP developers named Kamikaze. Eriksen said in an email that there’s no indication yet that the worm caused actual damage to Iranian machines, but that there was “clear potential for large-scale impact if it achieves active spread.”

Eriksen said Kamikaze’s “decision tree is easy and brutal.”

  • Kubernetes + Iran: Deploy a DaemonSet that wipes every node within the cluster
  • Kubernetes + elsewhere: Deploy a DaemonSet that installs the CanisterWorm backdoor on every node
  • No Kubernetes + Iran: rm -rf / --no-preserve-root
  • No Kubernetes + elsewhere: Exit. Nothing happens.

TeamPCP’s targeting of a country that the US is currently at war with is a curious choice. To date the group’s motivation has been financial gain. With no clear connection to monetary profit, the wiper seems out of character for TeamPCP. Eriksen said Aikido still doesn’t know the motive. He wrote:

While there could also be an ideological component, it could just as easily be a deliberate attempt to draw attention to the group. Historically, TeamPCP has seemed to be financially motivated, but there are signs that visibility is becoming a goal in itself. By going after security tools and open-source projects, including Checkmarx as of today, they’re sending a transparent and deliberate signal.

The hack that keeps on giving

Last week’s supply-chain compromise of Trivy was made possible by a previous compromise of Aqua Security in late February. Although the company’s incident response was intended to rotate all compromised credentials, the rotation was incomplete, allowing TeamPCP to take control of the GitHub account used for distributing the vulnerability scanner. Aqua Security said it was performing a more thorough credential purge in response.
