Hackers hacking victims has become a strange reality in the cybersecurity world. In some cases, hackers themselves get targeted by new hacking groups.

Hackers hacking victims

Therefore, in a recent campaign, an unknown group targeted systems already compromised by another cybercrime group, TeamPCP. These new attackers evicted TeamPCP and wiped out their tools on the affected systems, as reported by cybersecurity firm SentinelOne.

Consequently, the hackers hacking victims used their access to deploy a self-spreading worm. This worm replicated through cloud infrastructure, stole credentials, and sent stolen data back to the hackers’ own systems.

Furthermore, TeamPCP has gained recent attention after a series of high-profile hacks. Their victims included the European Commission and major businesses using popular security tools.

This new hacking campaign, called “PCPJack” by SentinelOne researcher Alex Delamotte, is mysterious. It is unclear if the hackers hacking victims are ex-TeamPCP members, rivals, or third parties imitating TeamPCP methods, as explained in the original source and SentinelOne reports.

Additionally, the campaign mainly focuses on previous TeamPCP targets but also scans the internet for vulnerable services such as Docker and MongoDB. Most of the activity, however, focuses on taking over systems from TeamPCP.

According to the report, the hackers hacking victims tally how many systems they wrested from TeamPCP. They do this by sending info about successful takeovers to their own servers.

Furthermore, evidence shows the main objective is financial gain. The hackers hacking victims sell stolen credentials, broker access to compromised systems, or resort to extortion.

However, they do not deploy crypto-mining software, likely because it would not yield quick profits. They also use fake phishing sites and fraudulent help desk domains to trick more users, making the campaign more sophisticated.

To read more about hackers hacking victims, visit TechCrunch.

Tags: Hackers hacking victims, cybercrime groups, compromised systems, TeamPCP attacks, cloud infrastructure hacks, credential theft, cybersecurity threats, rival hackers