>The whole operation ran primarily from Mullvad VPN exit nodes and virtual private server infrastructure, with little effort made to blend in. This was a high-tempo, low-stealth campaign designed to extract as much value as possible, as fast as possible.[1]
>Wiz CIRT observed the bulk of TeamPCP’s activity originating from Mullvad Virtual Private Network (VPN) exit nodes and virtual private server hosts such as InterServer.[2]
>The whole operation ran primarily from Mullvad VPN exit nodes and virtual private server infrastructure, with little effort made to blend in. This was a high-tempo, low-stealth campaign designed to extract as much value as possible, as fast as possible.[1]
>Wiz CIRT observed the bulk of TeamPCP’s activity originating from Mullvad Virtual Private Network (VPN) exit nodes and virtual private server hosts such as InterServer.[2]
1: https://www.oligo.security/blog/teampcp-campaign-the-evoluti...
2: https://www.wiz.io/blog/tracking-teampcp-investigating-post-...