Bleeping Computer

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran. The threat actor is responsible for the recent ...
GitHub

gpo_modification_detection.yml

# a) Add malicious startup/logon script via GPO → executes on boot/login # b) Deploy malicious scheduled task via GPO → executes on all targets ...