🦠 Ransomware & Malware

CanisterWorm: Cybercrooks Hijack Iran Tensions for Cloud Data Heists

A worm called CanisterWorm just lit up Iranian cloud setups, wiping data based on time zones and language. Behind it? TeamPCP, who own 97% of their hits on Azure and AWS misconfigs.

James Kowalski 📅 Apr 03, 2026 ⏱️ 3 min read 👁️ 0 views

Digital worm icon spreading through cloud servers with Iranian flag overlay

⚡ Key Takeaways

TeamPCP exploits cloud misconfigs in 97% Azure/AWS environments for automated breaches.
CanisterWorm uses blockchain ICP canisters for resilient, takedown-proof delivery.
Financially driven, not geopolitical; predicts escalation to broader ransomware waves.

🧠 What's your take on this?

Cast your vote and see what Threat Digest readers think

Written by

James Kowalski

Investigative tech reporter focused on AI ethics, regulation, and societal impact.

#CanisterWorm #TeamPCP #cloud exploits #cloud worm #wiper malware

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Krebs on Security

CanisterWorm: Cybercrooks Hijack Iran Tensions for Cloud Data Heists

⚡ Key Takeaways

The 60-Second TL;DR

🧠 What's your take on this?

Community Consensus

James Kowalski

Worth sharing?

⚡ Key Takeaways

The 60-Second TL;DR

🧠 What's your take on this?

Community Consensus

James Kowalski

Share this article

Worth sharing?

Related Stories

0ktapus Phishing Snags 10,000 Credentials Across 130 Companies—Your MFA Is the Weak Link

Claude Code's 50-Command Cap: The Bypass That Unlocks Your Dev Machine

TeamPCP's Supply Chain Onslaught Hits Databricks, Splits Ransomware Into Two Deadly Tracks

REF1695's ISO Trick: $9K Crypto Haul from Fake Installers and RATs

Stay in the loop