Cyber Threat Trends

First reported date: 2021/03/01
Inquiry period : 2025/03/30 00:20 ~ 2025/04/29 00:20 (1 months), 7 search results

전 기간대비 71% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 GootLoader Malware Phishing 입니다.
악성코드 유형 Lobshot SmokeLoader Dbatloader XWorm 도 새롭게 확인됩니다.
공격기술 FakeUpdates Campaign 도 새롭게 확인됩니다.
기관 및 기업 Google Proofpoint 도 새롭게 확인됩니다.
기타 Advertising ThreatProtection Email NortonLifeLock Endgame 등 신규 키워드도 확인됩니다.

According to PCrisk, they discovered GootLoader malware while examining legitimate but compromised websites (mainly websites managed using WordPress). It was found that GootLoader is used to infect computers with additional malware. Cybercriminals using GootLoader seek to trick users into unknowingly downloading and executing the malware by disguising it as a document or other file. Ref.

* 최근 뉴스기사 Top3:
ㆍ 2025/03/31 Gootloader Returns: Malware Hidden in Google Ads for Legal Documents

참고로 동일한 그룹의 악성코드 타입은 SmokeLoader GuLoader Zloader 등 47개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Top 100

#	Trend	Count	Comparison
1	GootLoader	7	▲ 5 (71%)
2	Malware	4	▲ 2 (50%)
3	Advertising	3	▲ new
4	Google	3	▲ new
5	Lobshot	3	▲ new
6	ThreatProtection	2	▲ new
7	Email	2	▲ new
8	NortonLifeLock	2	▲ new
9	Phishing	2	▲ 1 (50%)
10	Update	1	▼ -1 (-100%)
11	Endgame	1	▲ new
12	SmokeLoader	1	▲ new
13	spyware	1	▲ new
14	FakeUpdates	1	▲ new
15	Ransomware	1	▼ -1 (-100%)
16	proton66	1	▲ new
17	attack	1	- 0 (0%)
18	Dbatloader	1	▲ new
19	cyberthreat	1	▲ new
20	Proton	1	▲ new
21	infrastructure	1	▲ new
22	hub	1	▲ new
23	C2	1	▲ new
24	XWorm	1	▲ new
25	c&c	1	▲ new
26	Operation	1	- 0 (0%)
27	Latest	1	▲ new
28	Europols	1	▲ new
29	certain	1	▲ new
30	Returns	1	▲ new
31	Hidden	1	▲ new
32	document	1	▲ new
33	creation	1	▲ new
34	Proofpoint	1	▲ new
35	activity	1	▲ new
36	file	1	▲ new
37	URL	1	▲ new
38	spread	1	▲ new
39	zip	1	▲ new
40	JavaScript	1	▲ new
41	Java	1	- 0 (0%)
42	Dark	1	▲ new
43	Reading	1	▲ new
44	Resurfaces	1	▲ new
45	malvertisements	1	▲ new
46	variant	1	▲ new
47	Campaign	1	▲ new

Top 5

This is the type of malware that is becoming an issue.

The status of the attacker or attack group being issued.

No data.

This is an attack technique that is becoming an issue.

This is a country or company that is an issue.

Keyword	Average	Label
Google		3 (75%)
Proofpoint		1 (25%)

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Last 5

(Total : 6)

Total keyword

No	Title	Date
1	Threat Intelligence @threatintel #ThreatProtection #Proton66 infrastructure, a hub for phishing, C2 ops and malware campaigns including GootLoader, SpyNote and XWorm. Read more about Symantec's protection: https://t.co/GeYC3ac1F5 #CyberThreat	2025.04.24
2	The Hacker News @TheHackersNews ???? Europol's Operation Endgame just busted 5+ SmokeLoader customers linked to ransomware, spyware, and crypto theft. Meanwhile, new malware loaders like ModiLoader, GootLoader, and FakeUpdates are hitting users with phishing, fake installs, and drive-by attacks. ???? Full story: https://t.co/tjA	2025.04.10
3	Threat Intelligence @threatintel #ThreatProtection Latest #Gootloader variant spread via #malvertisements, read more about Symantec's protection: https://t.co/jInFKQasWv	2025.04.03
4	Kimberly @StopMalvertisin Dark Reading \| Gootloader Malware Resurfaces in Google Ads for Legal Docs https://t.co/VfTwF3TbRb	2025.04.02
5	Threat Insight @threatinsight Under certain conditions, the URL will lead to a zip file with a JavaScript file that installs GootLoader, while at other times it will lead to an actual docx template used as a decoy. It is not possible to see from the email or URL if it will lead to the malicious file or not.	2025.03.31

(Total : 1)

Total keyword

No	Title	Date
1	Gootloader Returns: Malware Hidden in Google Ads for Legal Documents - GootLoader Wordpress / gootloadersites / malpedia	2025.03.31

No	Title	Date
1	Employee monitoring app exposes users, leaks 21+ million screenshots - Malware.News	2025.04.28
2	Introducing XSIAM 3.0 - Malware.News	2025.04.28
3	Deploy Bravely with Prisma AIRS - Malware.News	2025.04.28
4	2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types - Malware.News	2025.04.28
5	Intel CEO Targets Change in Corporate Culture to Shape Up - Bloomberg Technology	2025.04.28
View only the last 5

No	Title	Date
1	Gootloader Returns: Malware Hidden in Google Ads for Legal Documents - GootLoader Wordpre... / gootloadersites / malpedia	2025.03.31
2	One in Four Cyberattacks in 2024 Traced to Infostealers, Huntress Reports - Malware.News	2025.03.03
3	Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab - Malware.News	2025.03.01
4	Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab - Malware.News	2025.03.01
5	Threat Intelligence Snapshot: Week 4, 2025 - Malware.News	2025.01.24
View only the last 5

No data

No	URL	CC	ASN Co	Reporter	Date
1	https://dugmv.si/xmlrpc.php GootLoader	SI	Telemach d.o.o.	lontze7	2024.11.25
2	https://www.janecourtney.ca/get.php GootLoader	US	IS-AS-1	zp4_sec	2024.01.23
3	https://www.joinmycourse.com/get.php GootLoader	DE	PlusServer GmbH	zp4_sec	2024.01.23
4	https://uumu.fi/blog.php gating GootLoader	FI	DNA Oyj	Gootloader2	2023.12.13
5	https://vente-outillages.com/blog.php gating GootLoader	FR	Xefi Lyon SAS	Gootloader2	2023.12.13
View only the last 5