Cyber Threat Trends

Summary: 2025/04/28 20:30

First reported date: 2013/10/31
Inquiry period : 2025/03/29 20:30 ~ 2025/04/28 20:30 (1 months), 53 search results

전 기간대비 -13% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Report Malware target Email intelligence 입니다.
악성코드 유형 ViperSoftX Viper Astasia Rhysida Cryptocurrency Miner Vawtrak 도 새롭게 확인됩니다.
공격자 sectora01 도 새롭게 확인됩니다.
공격기술 hacking RCE 도 새롭게 확인됩니다.
기관 및 기업 dprk North Korea AhnLab Microsoft Mandiant Fortinet Brazil ThreatMon Europe 도 새롭게 확인됩니다.
기타 unauthorized cti Monthly Update case 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/23 Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign
    ㆍ 2025/04/17 Threat Actor Profile: SheByte Phishing-as-a-Service
    ㆍ 2025/04/15 Fortinet 0-Day, Spotify Checker Shared, and STX Leak Campaign

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	actor	53	▼ -7 (-13%)
2	threat	47	▼ -4 (-9%)
3	Report	12	▲ 9 (75%)
4	Malware	9	▲ 3 (33%)
5	target	8	▲ 2 (25%)
6	Email	8	▲ 2 (25%)
7	intelligence	7	▲ 4 (57%)
8	Vulnerability	6	▲ 5 (83%)
9	Exploit	6	▲ 3 (50%)
10	Campaign	5	▲ 1 (20%)
11	Ransomware	5	▲ 3 (60%)
12	Data	5	▼ -2 (-40%)
13	DarkWeb	5	▼ -8 (-160%)
14	Breach	5	▲ 4 (80%)
15	Victim	4	- 0 (0%)
16	hacking	4	▲ new
17	China	4	▲ 3 (75%)
18	attack	3	▼ -1 (-33%)
19	unauthorized	3	▲ new
20	access	3	▼ -9 (-300%)
21	Alleged	3	▼ -1 (-33%)
22	Password	3	▲ 2 (67%)
23	dprk	3	▲ new
24	Remote Code Execution	3	- 0 (0%)
25	ChinaNexus	3	▲ 2 (67%)
26	cti	3	▲ new
27	Monthly	3	▲ new
28	Group	3	▲ 2 (67%)
29	North Korea	3	▲ new
30	RCE	3	▲ new
31	Phishing	3	▼ -5 (-167%)
32	Kaspersky	3	▲ 2 (67%)
33	ViperSoftX	3	▲ new
34	Russia	3	▲ 2 (67%)
35	United States	3	▼ -2 (-67%)
36	Operation	3	▲ 1 (33%)
37	Update	3	▲ new
38	case	3	▲ new
39	ZeroDay	3	▲ 2 (67%)
40	Claims	3	▼ -24 (-800%)
41	Viper	3	▲ new
42	day	2	▲ new
43	Alert	2	▲ 1 (50%)
44	threatintel	2	▲ new
45	VPN	2	▼ -1 (-50%)
46	Software	2	▼ -1 (-50%)
47	Critical	2	▲ 1 (50%)
48	powershell	2	▲ new
49	AhnLab	2	▲ new
50	WordPress	2	- 0 (0%)
51	Microsoft	2	▲ new
52	c&c	2	▲ new
53	controversial	2	▲ new
54	Mandiant	2	▲ new
55	securityaffairs	2	▲ new
56	Dark	2	▼ -1 (-50%)
57	EncryptHub	2	▲ 1 (50%)
58	Fortinet	2	▲ new
59	payment	2	- 0 (0%)
60	Brazil	2	▲ new
61	first	2	▲ new
62	sectora02	2	▲ new
63	trend	2	▲ new
64	Criminal	2	▼ -1 (-50%)
65	sectora05	2	▲ new
66	SectorA	2	▲ new
67	sectora01	2	▲ new
68	Redbuscom	1	▲ new
69	Astasia	1	▲ new
70	UNC	1	▲ new
71	Backdoor	1	▼ -1 (-100%)
72	MURKYTOUR	1	▲ new
73	Rhysida	1	▲ new
74	Google	1	- 0 (0%)
75	Iran	1	▼ -1 (-100%)
76	Israel	1	- 0 (0%)
77	United Kingdom	1	▼ -1 (-100%)
78	Werewolf	1	▲ new
79	Zero	1	▲ new
80	MDB	1	▲ new
81	SS7	1	▲ new
82	Browser	1	▲ new
83	Paper	1	▲ new
84	ThreatMon	1	▲ new
85	Storm	1	▲ new
86	controller	1	▲ new
87	domain	1	▲ new
88	AzureCheckerexe	1	▲ new
89	Cryptocurrency Miner	1	▲ new
90	Education	1	▲ new
91	Social Engineering	1	- 0 (0%)
92	httpstcookaMxLx	1	▲ new
93	Vawtrak	1	▲ new
94	DeepSeek	1	▲ new
95	Europe	1	▲ new
96	Profile	1	▲ new
97	SheByte	1	▲ new
98	threatintelligence	1	▲ new
99	Russian	1	▲ new
100	sherrodim	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		5 (29.4%)
ViperSoftX		3 (17.6%)
Viper		3 (17.6%)
Astasia		1 (5.9%)
Rhysida		1 (5.9%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
sectora01		2 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		6 (23.1%)
Campaign		5 (19.2%)
hacking		4 (15.4%)
Remote Code Execution		3 (11.5%)
RCE		3 (11.5%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
China		4 (10.8%)
dprk		3 (8.1%)
North Korea		3 (8.1%)
Kaspersky		3 (8.1%)
Russia		3 (8.1%)

Threat info

Last 5

SNS

(Total : 44)

Total keyword

Report Email target Exploit Vulnerability intelligence hacking DarkWeb dprk Malware North Korea Remote Code Execution Russia China Ransomware Kaspersky United States RCE ZeroDay payment WordPress attack Victim Password Campaign Update sectora01 Operation Cryptocurrency Miner ViperSoftX Viper Education Fortinet Astasia Europe Government Vawtrak Browser Microsoft United Kingdom Rhysida ThreatMon Telegram Phishing ...

No	Title	Date
1	Cyber_OSINT @Cyber_O51NT Microsoft reported that threat actor Storm-1977 has been using AzureChecker.exe for password spraying attacks against education sector cloud tenants, deploying over 200 crypto mining containers in the past year. #CyberSecurity #ThreatIntel https://t.co/JzdIOuctZU	2025.04.27
2	ThreatMon @MonThreat Actor : rhysida Victim : MDB Date : 2025-04-26 18:03:07 UTC +3 According to #DarkWeb #Ransomware activity detected by the ThreatMon Threat Intelligence Team. The “#rhysida” Ransomware group has added MDB to its victims.	2025.04.26
3	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???????????? Alleged Breach: Redbus.com 1.2M+ Users Exposed A threat actor has claimed responsibility for breaching Redbus.com in April 2025. The breached company is reportedly based in the United Kingdom, with 60 employees and a revenue of approximately $14 million. ???? Victim: https://t.co/TANu	2025.04.25
4	ThreatMon @MonThreat Alleged Data Breach of breachfed.fi A threat actor on a dark web forum claims to have breached breachfed.fi, a domain allegedly associated with the previously shut-down breachforums.st, which was closed on April 15th. The threat actor, identified as Anastasia, is behind https://t.co/JQD7qqJU0F	2025.04.24
5	lazarusholic @lazarusholic "How do you catch a DPRK actor you ask" published by @browsercookies. #ITWorker, #DPRK, #CTI https://t.co/qFROq8Cfdx	2025.04.22

News

(Total : 9)

Total keyword

Malware target intelligence Campaign Operation Software ViperSoftX AhnLab powershell Phishing Victim c&c Attacker Ransomware Viper Exploit Vulnerability Docker attack RCE Brazil Email ESET VPN Password Black Basta Update Social Engineering Israel Iran Google Mandiant Backdoor ZeroDay GitHub China Microsoft Windows Criminal BlackBasta Android Report DarkWeb Fortinet Linux

No	Title	Date
1	Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign - The Hacker News	2025.04.23
2	Threat Actor Profile: SheByte Phishing-as-a-Service - FORTRA / Max Ickert / malpedia	2025.04.17
3	Fortinet 0-Day, Spotify Checker Shared, and STX Leak Campaign - Malware.News	2025.04.15
4	ViperSoftX Malware Distributed by Arabic-Speaking Threat Actor - Malware.News	2025.04.10
5	Threat Actor Leaks Data from Major Bulletproof Hosting Provider Medialand - Malware.News	2025.04.08

Additional information

No	Title	Date
1	Top Tier Target \| What It Takes to Defend a Cybersecurity Company from Today’s Adversaries - Malware.News	2025.04.28
2	28th April – Threat Intelligence Report - Malware.News	2025.04.28
3	Navigating Through The Fog - Malware.News	2025.04.28
4	Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology	2025.04.28
5	Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News	2025.04.26
View only the last 5

No	Title	Date
1	Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign - The Hacker News	2025.04.23
2	Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign - The Hacker News	2025.04.23
3	Fortinet 0-Day, Spotify Checker Shared, and STX Leak Campaign - Malware.News	2025.04.15
4	Fortinet 0-Day, Spotify Checker Shared, and STX Leak Campaign - Malware.News	2025.04.15
5	ViperSoftX Malware Distributed by Arabic-Speaking Threat Actor - Malware.News	2025.04.10
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.