TeamPCP’s CanisterWorm Wipes Data on Iran-Linked Systems
A financially motivated cybercrime group known as TeamPCP has launched a destructive wiper attack targeting systems in Iran. The campaign, dubbed CanisterWorm, spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language.
Security researchers report the attack materialized over the past weekend and originates from TeamPCP, a group that emerged in late 2025. The group initially compromised corporate cloud environments using a self-propagating worm that targeted exposed Docker APIs, Kubernetes clusters, and Redis servers and exploited the React2Shell vulnerability.
How TeamPCP Operates: Automation and Cloud Exploitation
In a January profile, security firm Flare described TeamPCP’s strategy as relying on exposed control planes rather than endpoint exploits. The group predominantly targets cloud infrastructure, with Azure (61%) and AWS (36%) accounting for 97% of compromised servers.
"TeamPCP’s strength does not come from novel exploits or original malware, but from the large-scale automation and integration of well-known attack techniques. The group industrializes existing vulnerabilities, misconfigurations, and recycled tooling into a cloud-native exploitation platform that turns exposed infrastructure into a self-propagating criminal ecosystem."
Supply Chain Attack on Trivy Highlights TeamPCP’s Tactics
On March 19, 2025, TeamPCP executed a supply chain attack against Trivy, a vulnerability scanner developed by Aqua Security. The attackers injected credential-stealing malware into official releases on GitHub Actions. Although Aqua Security removed the harmful files, security firm Wiz noted that malicious versions had already been published, stealing SSH keys, cloud credentials, Kubernetes tokens, and cryptocurrency wallets from users.
CanisterWorm: A Destructive Payload Targeting Iran
Over the weekend, TeamPCP deployed a new malicious payload using the same technical infrastructure as the Trivy attack. The payload, identified as a wiper, executes only if the victim’s time zone and locale correspond to Iran, according to Charlie Eriksen, a security researcher at Aikido.
In a blog post published on Sunday, March 23, 2025, Eriksen explained that if the wiper component detects a victim in Iran with access to a Kubernetes cluster, it will destroy data on every node in that cluster. Otherwise, it will wipe the local machine.
"If it doesn’t [detect a Kubernetes cluster], it will just wipe the local machine."
ICP Canisters: The Backbone of TeamPCP’s Infrastructure
Aikido refers to TeamPCP’s infrastructure as CanisterWorm because the group orchestrates campaigns using Internet Computer Protocol (ICP) canisters. These canisters are tamperproof, blockchain-based "smart contracts" that combine code and data, serving web content directly to visitors. Their distributed architecture makes them resistant to takedown attempts, remaining reachable as long as operators continue paying virtual currency fees to keep them online.
Eriksen noted that TeamPCP members are bragging about their exploits in a Telegram group, claiming to have stolen vast amounts of sensitive data from major companies, including a major oil company.
Key Takeaways for Organizations
- Cloud Security: Exposed Docker APIs, Kubernetes clusters, and Redis servers are prime targets for self-propagating worms like CanisterWorm.
- Supply Chain Risks: Supply chain attacks, such as the one on Trivy, highlight the need for rigorous vetting of third-party software and updates.
- Geographic Targeting: The wiper component specifically targets systems using Iran’s time zone or Farsi language settings, underscoring the importance of monitoring for unusual locale-based activity.
- Defensive Measures: Organizations should prioritize securing cloud control planes, implementing multi-factor authentication, and regularly auditing cloud environments for misconfigurations.