A group of cybercriminals known as PCPJack has compromised 230 cloud servers on AWS, Google Cloud, and Azure. The goal of this operation is to create a hidden network for sending spam emails. Users should be alert, as these servers can be used to spread scams, malware, and phishing, affecting the security of personal and corporate data.
How the hidden network of compromised servers operates 🛡️
The attackers took advantage of weak configurations and exposed credentials to infiltrate cloud instances. Once inside, they installed automation scripts that send millions of spam emails from legitimate IP addresses, bypassing antispam filters. This type of attack, known as spam cloud, exploits the providers' reputation to evade blocking. Affected companies must audit their environments and rotate access keys to mitigate the damage.
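As an added example (not part of the original report), one way to audit for this behaviour is to look for instances that open SMTP connections to many distinct hosts. The sketch assumes AWS VPC Flow Logs in the default version 2 format; the log records, the function name `smtp_fanout` and the threshold are constructed for illustration.

```python
from collections import defaultdict

SMTP_PORTS = {25, 465, 587}  # SMTP, SMTPS, submission

# Constructed sample in the AWS VPC Flow Logs default (version 2) field order:
# version account-id interface-id srcaddr dstaddr srcport dstport protocol
# packets bytes start end action log-status
SAMPLE_FLOW_LOGS = """\
2 111122223333 eni-0aaa 10.0.1.15 198.51.100.10 49152 25 6 12 4100 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0aaa 10.0.1.15 203.0.113.7 49153 25 6 11 3900 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0aaa 10.0.1.15 192.0.2.25 49154 587 6 14 5200 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0aaa 10.0.1.15 203.0.113.99 49155 25 6 1 60 1700000000 1700000060 REJECT OK
2 111122223333 eni-0bbb 10.0.2.20 198.51.100.50 50000 587 6 20 9000 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0bbb 10.0.2.20 198.51.100.50 50001 587 6 18 8700 1700000060 1700000120 ACCEPT OK
2 111122223333 eni-0ccc 10.0.3.30 198.51.100.80 51000 443 6 30 20000 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0ddd - - - - - - - 1700000000 1700000060 - NODATA
"""


def smtp_fanout(log_text, min_destinations=3):
    """Map interface id -> sorted distinct SMTP destinations, for interfaces
    that reached at least min_destinations hosts over accepted TCP flows."""
    dests = defaultdict(set)
    for line in log_text.splitlines():
        f = line.split()
        if len(f) != 14 or f[0] != "2":
            continue  # header line, blank line, or a custom log format
        eni, dst, dport, proto, action, status = f[2], f[4], f[6], f[7], f[12], f[13]
        if status != "OK" or action != "ACCEPT" or proto != "6":
            continue  # NODATA/SKIPDATA, blocked flows, non-TCP traffic
        if not dport.isdigit() or int(dport) not in SMTP_PORTS:
            continue
        dests[eni].add(dst)
    return {e: sorted(d) for e, d in dests.items() if len(d) >= min_destinations}


if __name__ == "__main__":
    for eni, hosts in smtp_fanout(SAMPLE_FLOW_LOGS).items():
        print(f"{eni}: SMTP to {len(hosts)} distinct hosts: {', '.join(hosts)}")
```

A legitimate application usually talks to a single relay, like `eni-0bbb` in the sample, so wide fan-out on mail ports is the pattern worth investigating before rotating keys and rebuilding the instance.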
Spam with a cloud flavor: PCPJack's new catering ☁️
If you thought spam only came from dark basements, PCPJack shows you that it is now served from the cloud, with all the comfort of AWS and Azure. These criminals have set up an unsolicited advertising agency that operates 24/7. The saddest part is that while they make money, users receive offers from Nigerian princes with a cloud certificate. At least the infrastructure is first-class.