TeamPCP is exploiting trusted npm and PyPI packages to compromise developer environments, steal credentials, and extend attacks across software supply chains.
Threat Overview - TeamPCP Supply Chain Attacks
The TeamPCP supply chain compromise has recently emerged as a highly impactful campaign targeting widely used open-source ecosystems, specifically abusing trust in package repositories such as npm and PyPI. This activity has been linked to compromises involving popular developer tooling and libraries, including Trivy, LiteLLM, and Checkmarx KICS, where malicious code was introduced into legitimate packages and distributed downstream to unsuspecting users. Researchers observed that TeamPCP leveraged these trusted packages to execute malicious payloads during installation or runtime, effectively turning legitimate software into a delivery mechanism for credential theft and environment compromise. Notably, the compromise of LiteLLM in PyPI and Trivy-related npm packages significantly increased the potential blast radius due to their widespread adoption across cloud-native, DevOps, and AI-driven environments.
Verity471 References:
SITREP 26.1: TeamPCP threat group conducts supply chain attack via Trivy vulnerability scanner
SITREP 26.2: TeamPCP threat group conducts supply chain attack via Trivy vulnerability scanner
TeamPCP Hunt Collection
Related Hunt Packages
Suspicious NPM Auth Token Retrieval via Encoded Python
Captures the execution of high-entropy, encoded payloads (e.g., Base64) within Python command lines to identify fileless malware, obfuscated scripts, and evasion techniques like homoglyph bypasses.
User Context systemctl Invocation by Node.js - Suspicious Service Activity
This hunt aims to surface cases where a node process invokes systemctl --user, which can indicate the creation or management of user-level systemd services for persistence. Attackers have abused this technique in supply chain attacks, such as CanisterWorm, to install backdoors that automatically restart and blend in with legitimate services by using trusted-sounding names like pgmon.
Usage of chmod to Enable Execution - Potential Payload Staging
This hunt package identifies instances where the 'chmod' command is used to modify file permissions, specifically focusing on changes that grant executable rights. By correlating these events with user contexts and known file paths, the package aims to highlight potentially malicious activities, such as the preparation of a system for exploitation or the setup of persistence mechanisms by unauthorized users.
Suspicious NPM Auth Token Retrieval via npm config get
This hunt package identifies retrieval of the npm registry authentication token using "npm config get", which may indicate credential access or token harvesting activity.
Python Executing from Non-Standard Directory
This Threat Hunt package identifies suspicious Python executions originating from non-standard directories, such as hidden or unconventional locations, which can signal a potential malware infection.
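Four of the behaviors described in the hunt packages above (node invoking `systemctl --user`, `npm config get` for the auth token, an encoded payload in a Python command line, and `chmod` granting execute rights) can be expressed as rules over process-creation events. The following is an added example, not the content of the HUNTER hunt packages; the event field names, rule names, the 48-character Base64 threshold, matching on the `_authToken` config key, and the sample events are all assumptions constructed for illustration.

```python
import re
from pathlib import PurePosixPath

# Constructed process-creation events (parent image + child command line), not real telemetry.
BLOB = "QUJD" * 16  # harmless placeholder: Base64 of "ABC" repeated
EVENTS = [
    {"parent": "/usr/bin/node", "cmd": "systemctl --user enable --now pgmon.service"},
    {"parent": "/usr/bin/bash", "cmd": "systemctl --user status pipewire"},
    {"parent": "/usr/bin/node", "cmd": "npm config get //registry.npmjs.org/:_authToken"},
    {"parent": "/usr/bin/bash", "cmd": "npm config get registry"},
    {"parent": "/usr/bin/bash", "cmd": f"python3 -c \"import base64;base64.b64decode('{BLOB}')\""},
    {"parent": "/usr/bin/bash", "cmd": "python3 -c 'print(1)'"},
    {"parent": "/usr/bin/bash", "cmd": "chmod u+x,g-w /tmp/.cache/run.sh"},
    {"parent": "/usr/bin/bash", "cmd": "chmod 644 notes.txt"},
]

B64_RUN = re.compile(r"[A-Za-z0-9+/]{48,}={0,2}")  # length threshold is an assumption

def grants_exec(mode):
    """True if a chmod mode argument (octal or symbolic) sets any execute bit."""
    if re.fullmatch(r"[0-7]{3,4}", mode):
        return any(int(d) & 1 for d in mode[-3:])
    return any(re.fullmatch(r"[ugoa]*[+=][rwxXst]*x[rwxXst]*", p) for p in mode.split(","))

def match_hunts(event):
    """Return the (hypothetical) rule names this event matches."""
    argv, hits = event["cmd"].split(), []
    if not argv:
        return hits
    parent_is_node = PurePosixPath(event["parent"]).name in {"node", "nodejs"}
    if parent_is_node and argv[0] == "systemctl" and "--user" in argv:
        hits.append("node_systemctl_user")
    if argv[:3] == ["npm", "config", "get"] and "_authtoken" in event["cmd"].lower():
        hits.append("npm_token_config_get")
    if re.fullmatch(r"python[\d.]*", argv[0]) and B64_RUN.search(event["cmd"]):
        hits.append("encoded_python_cmdline")
    if argv[0] == "chmod" and len(argv) > 1 and grants_exec(argv[1]):
        hits.append("chmod_exec")
    return hits

def triage(events):
    """Pair every matching event's command line with the rules it triggered."""
    return [(e["cmd"], h) for e in events if (h := match_hunts(e))]

if __name__ == "__main__":
    for cmd, hits in triage(EVENTS):
        print(hits, cmd[:70])
```

The `chmod` rule only inspects the first argument after the command, so invocations that place option flags before the mode are not covered, and on its own the rule is noisy until it is correlated with user context and file path, as the hunt description notes.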
ACCESS HUNT PACKAGE