Cyber Threat Trends

Summary: 2025/04/28 20:11

First reported date: 2012/03/26
Inquiry period : 2025/03/29 20:11 ~ 2025/04/28 20:11 (1 months), 82 search results

전 기간대비 43% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 APT Campaign Malware North Korea dprk 입니다.
악성코드 유형 GraphicalNeutrino ShadowPad 도 새롭게 확인됩니다.
공격자 APT29 SideCopy 도 새롭게 확인됩니다.
공격기술 Spear Phishing 도 새롭게 확인됩니다.
기관 및 기업 Japan SECUI Check Point Ukraine Ucraina 북한 도 새롭게 확인됩니다.
기타 cti flaw March RDP BlueKeep 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/25 Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
    ㆍ 2025/04/25 Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
    ㆍ 2025/04/15 Renewed APT29 Phishing Campaign Against European Diplomats

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	APT	82	▲ 35 (43%)
2	Campaign	70	▲ 29 (41%)
3	Malware	21	▲ 7 (33%)
4	North Korea	17	▲ 14 (82%)
5	dprk	16	▲ 13 (81%)
6	group	13	▲ 9 (69%)
7	attack	13	▲ 5 (38%)
8	Report	13	▲ 8 (62%)
9	IoC	12	▲ 7 (58%)
10	Kimsuky	12	▲ 11 (92%)
11	Exploit	12	▲ 6 (50%)
12	target	12	▲ 1 (8%)
13	hacking	11	▲ 9 (82%)
14	South Korea	11	▲ 9 (82%)
15	cti	11	▲ new
16	securityaffairs	10	▲ 8 (80%)
17	China	8	▼ -1 (-13%)
18	Konni	8	▲ 6 (75%)
19	Lazarus	7	▲ 6 (86%)
20	Government	7	▲ 3 (43%)
21	AhnLab	7	▲ 5 (71%)
22	Update	7	▲ 6 (86%)
23	Kaspersky	6	▲ 2 (33%)
24	Phishing	6	▲ 3 (50%)
25	GraphicalNeutrino	6	▲ new
26	flaw	6	▲ new
27	APT29	6	▲ new
28	SideWinder	5	- 0 (0%)
29	Europe	5	▲ 4 (80%)
30	file	5	▲ 4 (80%)
31	Russia	4	▲ 2 (50%)
32	March	4	▲ new
33	Japan	4	▲ new
34	RDP	4	▲ new
35	BlueKeep	4	▲ new
36	South	4	▲ 2 (50%)
37	SECUI	4	▲ new
38	Earth	4	▲ new
39	Chinalinked	3	▲ 2 (67%)
40	c&c	3	▲ 1 (33%)
41	SideCopy	3	▲ new
42	ESET	3	▲ 2 (67%)
43	recent	3	▲ new
44	espionage	3	▲ new
45	C2	3	- 0 (0%)
46	lnk	3	▲ 1 (33%)
47	AhnLabSecuInfo	3	▲ new
48	sample	3	▲ new
49	Vulnerability	3	▲ 2 (67%)
50	Kurma	3	▲ new
51	Korea	3	▲ 1 (33%)
52	Larva	3	▲ new
53	Software	2	▲ 1 (50%)
54	European	2	▲ new
55	보고서	2	▲ new
56	Check Point	2	▲ new
57	Labs	2	▲ new
58	ToddyCat	2	▲ new
59	Infra	2	▲ new
60	NortonLifeLock	2	▼ -1 (-50%)
61	Point	2	▲ new
62	ThreatProtection	2	▼ -1 (-50%)
63	Seqrite	2	▲ new
64	Russian	2	▲ new
65	flaxtyphoon	2	▲ new
66	ShadowPad	2	▲ new
67	multiple	2	▲ new
68	Billbug	2	▲ new
69	그룹	2	▲ new
70	Profiles	2	▲ new
71	Mustang	2	▲ new
72	Operation	2	- 0 (0%)
73	Panda	2	▲ 1 (50%)
74	Ukraine	2	▲ new
75	Ucraina	2	▲ new
76	cve	2	▲ new
77	randomquery	2	▲ new
78	APT37	2	▼ -3 (-150%)
79	Check	2	▲ new
80	Comment	2	▲ new
81	North	2	▲ new
82	name	2	▲ new
83	Spear Phishing	2	▲ new
84	amp	2	▲ new
85	Backdoor	2	▼ -3 (-150%)
86	synchole	2	▲ new
87	httpsgofinanciallycomimagesupload	2	▲ new
88	Reading	2	- 0 (0%)
89	key	2	▲ new
90	Patchwork	2	▲ 1 (50%)
91	Dark	2	- 0 (0%)
92	Research	2	▲ new
93	Southeast	2	▲ new
94	suspicious	2	▲ 1 (50%)
95	VT	2	▲ new
96	RokRAT	2	- 0 (0%)
97	India	2	▲ 1 (50%)
98	북한	2	▲ new
99	과세표준	1	▲ new
100	Cobalt Strike	1	- 0 (0%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Konni		8 (44.4%)
GraphicalNeutrino		6 (33.3%)
ShadowPad		2 (11.1%)
RokRAT		2 (11.1%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Kimsuky		12 (40%)
Lazarus		7 (23.3%)
APT29		6 (20%)
SideCopy		3 (10%)
APT37		2 (6.7%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
APT		82 (44.3%)
Campaign		70 (37.8%)
Exploit		12 (6.5%)
hacking		11 (5.9%)
Phishing		6 (3.2%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
North Korea		17 (16.2%)
dprk		16 (15.2%)
South Korea		11 (10.5%)
China		8 (7.6%)
Government		7 (6.7%)

Threat info

Last 5

SNS

(Total : 76)

Total keyword

APT Campaign North Korea Malware dprk IoC hacking Kimsuky Exploit Report attack target South Korea Konni China Lazarus Update Kaspersky GraphicalNeutrino Phishing Government SideWinder APT29 Japan AhnLab SECUI Russia BlueKeep Europe SideCopy ESET c&c C2 APT37 Software ToddyCat cve ShadowPad Ukraine Ucraina India 보고서 Vulnerability Check Point Spear Phishing Backdoor 북한 RokRAT Cobalt Strike Egypt ...

No	Title	Date
1	Ginkgo @ginkgo_g ???? waves Found another #APT sample like this! ???? Hash: 667549ae95d4e0d8d04892f5246173bf ???? URL: https://gofinancially.com/images/upload/0424.png Would anyone be sweet enough to share if they've grabbed the payload? ???? I'd be super grateful! ???? https://t.co/qs8aehktJz https://t.co/KSAqeI4	2025.04.28
2	JangPro @JangPr0 #APT #DPRK d48032d835c95af816fbcea6e659cdbe Decoy: NTS_eTaxInvoice.html.lnk https://deliberatecollaboration.com/wp-includes/js/src/get.php & upload.php & list.php similar https://t.co/rldVG2Syaw https://t.co/ZKJcng4RBL	2025.04.28
3	Cyber_OSINT @Cyber_O51NT In March 2025, NSFOCUS reported 19 APT attacks primarily targeting government agencies in South Asia and East Asia, with spear phishing accounting for 79% of incidents, highlighting the ongoing threat from groups like Bitter and Lazarus. #CyberSecurity https://t.co/EcOmYPGKC4	2025.04.27
4	Ginkgo @ginkgo_g #Konni #APT https://t.co/R6oBhwFMze	2025.04.25
5	Cyber_OSINT @Cyber_O51NT A recent report reveals that the Earth Kurma APT campaign is actively targeting Southeast Asian government and telecom sectors using advanced malware and cyberespionage techniques. #Cybersecurity #APT https://t.co/afQWXKIEc4	2025.04.25

News

(Total : 6)

Total keyword

Campaign APT Malware AhnLab Government target Report attack South Korea United States Europe GraphicalNeutrino Phishing APT29 Operation intelligence Exploit Vulnerability Kimsuky Trend Micro

No	Title	Date
1	Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors - Malware.News	2025.04.25
2	Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors - TrendMicro	2025.04.25
3	Renewed APT29 Phishing Campaign Against European Diplomats - Checkpoint / Checkpoint Research / malpedia	2025.04.15
4	APT Group Profiles – Larva-24005 - ASEC BLOG	2025.04.14
5	March 2025 APT Group Trends (South Korea) - Malware.News	2025.04.10

Additional information

No	Title	Date
1	Top Tier Target \| What It Takes to Defend a Cybersecurity Company from Today’s Adversaries - Malware.News	2025.04.28
2	28th April – Threat Intelligence Report - Malware.News	2025.04.28
3	Navigating Through The Fog - Malware.News	2025.04.28
4	Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology	2025.04.28
5	Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News	2025.04.26
View only the last 5

No	Title	Date
1	Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors - Malware.News	2025.04.25
2	APT Group Profiles – Larva-24005 - ASEC BLOG	2025.04.14
3	March 2025 APT Group Trends (South Korea) - Malware.News	2025.04.10
4	March 2025 APT Group Trends (South Korea) - ASEC BLOG	2025.04.09
5	카스퍼스키 “진화하는 APT·랜섬웨어 대응 위해 위협 인텔리전스 기반 선제적 전략 필요” - 데일리시큐	2025.03.26
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	x64.exe Emotet Swrort Generic Malware Armageddon APT [C] All Process Malicious Library UPX Malicious Packer Antivirus Anti_VM PE File PE32 OS Processor Check DLL PE64 ftp MZP Format	e4b9f59c60edde996ac3c2d2b133dbf7	52359	2024.08.05
2	NINJA.exe Generic Malware Armageddon APT [C] All Process UPX PE32 PE File GIF Format	9e870f801dd759298a34be67b104d930	36555	2023.01.28
3	sheet.exe Formbook RAT PWS .NET framework Generic Malware Hide_EXE [C] All Process Armageddon APT Malicious Library UPX Malicious Packer AntiDebug AntiVM PE32 PE File OS Processor Check .NET EXE	1451ed9b5629e22afbde901d932f4bfc	32641	2022.09.26
4	采购订单要求 & 绘图样本..exe RAT Generic Malware [C] All Process Armageddon APT task schedule Malicious Library UPX Malicious Packer AntiDebug AntiVM PE32 OS Processor Check PE File .NET EXE GIF Format	c56268bd887cf060acae169c64e60a49	32131	2022.09.20
5	t-d.exe Armageddon APT WinRAR AntiDebug AntiVM PE File OS Processor Check PE32	95939e9f316d9e5d38e453b5f6095fcd	12579	2021.06.24
View only the last 5

Level	Description
danger	File has been identified by 56 AntiVirus engines on VirusTotal as malicious
notice	Creates executable files on the filesystem
notice	Drops an executable to the user AppData folder
notice	The binary likely contains encrypted or compressed data indicative of a packer
info	The executable contains unknown PE section names indicative of a packer (could be a false positive)
info	The file contains an unknown PE resource name possibly indicative of a packer
info	This executable has a PDB path

No	Category	URL	CC	ASN Co	Date
1	c2	http://00701111.000webhostapp.com/wp-extra/show.php	US	...	2023.09.18

No	URL	CC	ASN Co	Reporter	Date
1	https://jpkinki.com/fjugm APT Kimsuky	US	CLOUDFLARENET	IdaNotPro	2025.03.26
2	https://www.dropbox.com/scl/fi/cnfhxf0nc3qxfklznh5na/zzJG_2.zip?rlkey=7t1et81enar4uvbb7nnk58m9b&st=2... APT Kimsuky zip	US	DROPBOX	abuse_ch	2025.02.12
3	https://www.dropbox.com/scl/fi/icvpzbx4vn6lcthva168z/zzJG.zip?rlkey=kntc36792grkm64xriqputbdq&st=px5... APT Kimsuky	US	DROPBOX	JAMESWT_MHT	2025.02.05
4	https://liuyi.neectar.info/hsdverd_3ed5d/mdswsourt_4rfs APT decoy Patchwork PDF	GB		abuse_ch	2025.01.22
5	https://liuyi.neectar.info/lksderdd_4dferd/jhdfer3s_jh3de APT exe Patchwork rustystealer	GB		abuse_ch	2025.01.22
View only the last 5

Beta Service, If you select keyword, you can check detailed information.