VYPR
breach · Published Mar 31, 2026 · Updated May 18, 2026 · 1 source

TeamPCP Collaborates with Lapsus$ and Vect Ransomware to Exploit Stolen Supply Chain Secrets

Wiz researchers report a 'dangerous convergence' as the TeamPCP supply chain threat group partners with Lapsus$ and Vect ransomware to validate, exfiltrate, and monetize stolen cloud and Kubernetes credentials.

Researchers at Wiz, now part of Google Cloud, have uncovered evidence of a 'dangerous convergence' between supply chain attackers and extortion gangs. In a report published March 30, the team detailed how TeamPCP — the threat group behind a recent wave of malicious PyPI packages — is now collaborating with Lapsus$ and the Vect ransomware group to exploit stolen credentials harvested during supply chain compromises.

The stolen assets include cloud credentials, SSH keys, Kubernetes configuration files, and other secrets from the development pipeline. Wiz observed TeamPCP validating, encrypting, and exfiltrating these secrets to attacker-controlled domains. 'While the speed at which they were used suggests that it was the work of the same threat actors responsible for the supply chain operations, we are not able to rule out the secrets being shared with other groups and used by them,' the researchers wrote.

Wiz confirmed to Infosecurity that TeamPCP was 'explicitly collaborating with the notorious extortion group Lapsus$ to perpetuate the chaos.' Lapsus$ is an extortion-focused hacking group known for high-profile breaches via social engineering and credential theft, with suspected tactical overlaps — but no confirmed organizational ties — to Scattered Spider and ShinyHunters.

Ben Read, a lead researcher at Wiz, told Infosecurity: 'We are seeing a dangerous convergence between supply chain attackers and high-profile extortion groups like Lapsus$. By moving horizontally across the ecosystem – hitting tools like liteLLM that are present in over a third of cloud environments – they are creating a "snowball effect." This isn't an isolated incident; it's a systemic campaign that requires security teams to take action and will likely continue to expand.'

Meanwhile, Socket — one of the earliest firms to report the TeamPCP software supply chain attacks — shared posts attributed to the Vect ransomware group on BreachForums announcing a partnership with TeamPCP. 'Vect Ransomware Group is now partnering with TeamPCP, the operators behind the latest Trivy / LiteLLM supply chain compromises. Together, we are ready to deploy ransomware across all affected companies that got hit by these attacks, and we won't stop there,' the message read.

Vect is an emerging Russian-speaking ransomware-as-a-service (RaaS) group, operating as a structured affiliate model where core developers build the ransomware and affiliates carry out attacks, earning up to 80–88% of the profits. The partnership signals a new phase where supply chain compromises are directly chained into ransomware deployment.

TeamPCP first rose to notoriety by uploading malicious packages to PyPI, using typosquatting to trick developers. The group targeted Trivy (Aqua Security), Checkmarx's KICS scanner, LiteLLM AI Gateway, and the Telnyx Python package, injecting credential-stealing malware into official releases and GitHub Actions. The collaboration with extortion groups now amplifies the impact of those initial compromises, turning stolen secrets into a vector for ransomware attacks across affected organizations.

Synthesized by Vypr AI