A cybercrime crew running an operation now dubbed **WP-SHELLSTORM** made a costly mistake: they left their own command-and-control server exposed on the public internet for three weeks. Researchers wh