Cyber Threat Trends

Summary: 2025/04/29 21:20

First reported date: 2011/03/24
Inquiry period : 2025/03/30 21:20 ~ 2025/04/29 21:20 (1 months), 117 search results

전 기간대비 2% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 IoC Victim Stealer Microsoft Email 입니다.
악성코드 유형 Black Basta 도 새롭게 확인됩니다.
공격기술 RCE 도 새롭게 확인됩니다.
기관 및 기업 Canada 도 새롭게 확인됩니다.
기타 keylogger 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/28 IR Trends Q1 2025: Phishing soars as identity-based attacks persist
    ㆍ 2025/04/26 Threat Hunting: For what, when, and how?
    ㆍ 2025/04/25 Lessons from Ted Lasso for cybersecurity success

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	IoC	117	▲ 2 (2%)
2	Malware	61	▼ -18 (-30%)
3	Campaign	49	▼ -2 (-4%)
4	Phishing	36	▼ -4 (-11%)
5	Update	35	▼ -1 (-3%)
6	Report	31	▼ -14 (-45%)
7	attack	29	▼ -4 (-14%)
8	Victim	29	▲ 1 (3%)
9	Stealer	29	▲ 2 (7%)
10	c&c	29	▼ -6 (-21%)
11	Advertising	28	▼ -8 (-29%)
12	Microsoft	27	▲ 4 (15%)
13	Windows	27	▼ -6 (-22%)
14	United States	26	▼ -1 (-4%)
15	target	25	▼ -3 (-12%)
16	Email	22	▲ 2 (9%)
17	Exploit	22	▼ -2 (-9%)
18	intelligence	21	▼ -7 (-33%)
19	Vulnerability	16	▼ -7 (-44%)
20	powershell	16	▼ -4 (-25%)
21	GitHub	15	▼ -2 (-13%)
22	NetWireRC	15	▼ -7 (-47%)
23	Operation	15	▼ -1 (-7%)
24	Linux	14	- 0 (0%)
25	Education	13	▲ 4 (31%)
26	Kaspersky	13	▼ -2 (-15%)
27	APT	13	▲ 9 (69%)
28	Software	13	▼ -4 (-31%)
29	China	13	- 0 (0%)
30	Lumma	11	▲ 2 (18%)
31	Criminal	11	▼ -4 (-36%)
32	Government	11	- 0 (0%)
33	Ransomware	10	▼ -6 (-60%)
34	Cobalt Strike	10	- 0 (0%)
35	RCE	10	▲ new
36	iocs	10	▲ 2 (20%)
37	Social Engineering	10	▲ 2 (20%)
38	Android	10	▲ 3 (30%)
39	Backdoor	10	▼ -5 (-50%)
40	Russia	10	▼ -3 (-30%)
41	Trojan	10	▲ 2 (20%)
42	GameoverP2P	10	▼ -4 (-40%)
43	Browser	9	▼ -5 (-56%)
44	threat	9	▲ 4 (44%)
45	Distribution	9	- 0 (0%)
46	Cisco	8	▲ 1 (13%)
47	ZeroDay	8	▲ 3 (38%)
48	Java	7	▼ -3 (-43%)
49	MFA	7	▼ -5 (-71%)
50	RAT	7	▼ -2 (-29%)
51	malicious	6	▲ 2 (33%)
52	Vawtrak	6	▲ 1 (17%)
53	Telegram	6	▼ -2 (-33%)
54	anyrun	6	▲ 5 (83%)
55	File	6	▲ 2 (33%)
56	EDR	6	▲ 1 (17%)
57	Google	6	▼ -8 (-133%)
58	VBScript	6	▼ -4 (-67%)
59	South Korea	6	▲ 1 (17%)
60	Sintesi	6	▼ -3 (-50%)
61	malevole	6	▼ -1 (-17%)
62	Remote Code Execution	6	▼ -17 (-283%)
63	VirusTotal	6	- 0 (0%)
64	campagne	6	▼ -1 (-17%)
65	LummaStealer	6	▲ 5 (83%)
66	SideWinder	5	▲ 2 (40%)
67	North Korea	5	▼ -3 (-60%)
68	FormBook	5	- 0 (0%)
69	DDoS	5	▲ 2 (40%)
70	India	5	▲ 1 (20%)
71	United Kingdom	5	▲ 3 (60%)
72	RATel	5	▼ -2 (-40%)
73	Japan	4	▼ -2 (-50%)
74	Taiwan	4	▼ -3 (-75%)
75	amosstealer	4	▲ 3 (75%)
76	France	4	▲ 3 (75%)
77	AMOS	4	▲ 3 (75%)
78	riepilogativa	4	▼ -5 (-125%)
79	Downloader	4	▲ 1 (25%)
80	Password	4	▼ -2 (-50%)
81	VPN	4	▲ 1 (25%)
82	Banking	4	▲ 1 (25%)
83	TI	4	▲ 1 (25%)
84	ANY	4	▼ -3 (-75%)
85	Ucraina	4	- 0 (0%)
86	Cryptocurrency	4	▼ -5 (-125%)
87	hijack	4	- 0 (0%)
88	AsyncRAT	4	▼ -4 (-100%)
89	DYEPACK	3	- 0 (0%)
90	Lookup	3	▲ 1 (33%)
91	Australia	3	▼ -1 (-33%)
92	Black Basta	3	▲ new
93	Italy	3	▲ 1 (33%)
94	XWorm	3	▼ -5 (-167%)
95	ESET	3	▼ -2 (-67%)
96	Canada	3	▲ new
97	UNIX	3	- 0 (0%)
98	Zscaler	3	▲ 2 (67%)
99	keylogger	3	▲ new
100	Kimsuky	3	▼ -2 (-67%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
NetWireRC		15 (14%)
Lumma		11 (10.3%)
Ransomware		10 (9.3%)
Trojan		10 (9.3%)
GameoverP2P		10 (9.3%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Kimsuky		3 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		49 (24.1%)
Phishing		36 (17.7%)
Stealer		29 (14.3%)
Exploit		22 (10.8%)
APT		13 (6.4%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Microsoft		27 (14.4%)
United States		26 (13.8%)
Kaspersky		13 (6.9%)
China		13 (6.9%)
Government		11 (5.9%)

Threat info

Last 5

SNS

(Total : 66)

Total keyword

IoC Stealer Campaign APT Malware iocs Phishing Lumma NetWireRC Update LummaStealer SideWinder FormBook GitHub RAT Education attack dprk North Korea Operation Kimsuky intelligence c&c C2 ClickFix AsyncRAT Backdoor XWorm Android Microsoft Cobalt Strike Xloader Report APT41 Banking Check Point Safari Browser MacOS RedLine Remcos ...

No	Title	Date
1	Konstantin Nikolenko @K_N1kolenko #FormBook #Stealer #ioc 031234440.xyz ambitiouswomen.net aqbtkj.top auradesigns.xyz coininsight.tech efcoin.live eternalethereum.xyz guiasservicos.shop holorush.live kissjav.pics newshunt.biz nicheremedies.xyz rciede.info royalbond.xyz rtvs-sk.sbs	2025.04.29
2	Cyber Team @Cyberteam008 Fofa Query for #Kimsuky #APT / #APT43 / #VelvetChollima Query: icon_hash="-545893547" && os!="" Link: https://t.co/vEtLb2NhFv Infra: https://t.co/QONfEyjyUl Note: Most of the infra hosted in South Korea (AS135377, AS4766, AS20473), France & USA. @500mk500 #Malware #ioc https://t.co/	2025.04.28
3	Yogesh Londhe @suyog41 NORMALDAKI Stealer cdfdc1fde47a5d2899cf09d4c01e00e9 #NORMALDAKI #Stealer #IOC https://t.co/MrYXp8Jjef	2025.04.28
4	Yogesh Londhe @suyog41 Amos Stealer Setup 62d7d138b50a2875d08012c56a3198ae update-script 366e9e8978edb924e998d7a7c156782b Open Gatekeeper friendly[.app[.zip 2305d8e0e527ddb7cc7591a55c31ffcf OGF 34259547171d840973bce9ddd2d87bbf #Amos #AmosStealer #Stealer #IOC	2025.04.25
5	Konstantin Nikolenko @K_N1kolenko #AsyncRAT #ioc 85.203.4.56:1834 114.66.58.133:8995 176.65.144.121:4449	2025.04.25

News

(Total : 51)

Total keyword

IoC Malware Campaign Attacker Report Update Victim Phishing Advertising c&c Windows attack United States Microsoft target Email Exploit intelligence powershell Vulnerability Operation Software Linux Kaspersky China GitHub Criminal GameoverP2P Government Russia RCE Education Social Engineering Ransomware Distribution Android Cobalt Strike NetWireRC Trojan ZeroDay Backdoor Browser Cisco Stealer Java MFA Remote Code Execution EDR Google Vawtrak Telegram VirusTotal DDoS VBScript United Kingdom South Korea RATel Downloader Ucraina India VPN Taiwan Password hijack RAT Japan Lumma Cryptocurrency payment Chrome ESET DYEPACK Australia Italy Canada VMware France Smishing North Korea Banking Germany CACTUS Zscaler UNIX Black Basta WhatsApp UN RSA Conference SMB CISA PoC ...

No	Title	Date
1	IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News	2025.04.28
2	Threat Hunting: For what, when, and how? - Malware.News	2025.04.26
3	Lessons from Ted Lasso for cybersecurity success - Malware.News	2025.04.25
4	ANY.RUN Becomes a Gold Winner in Threat Intelligence at Globee Awards 2025 - Malware.News	2025.04.24
5	Operation SyncHole: Lazarus APT goes back to the well - Malware.News	2025.04.24

Additional information

No	Title	Date
1	What privacy? Perplexity wants your data, builds browser to track you and serve ads - Malware.News	2025.04.29
2	Foldable Phones Need Better Software to Drive Wider Interest - Bloomberg Technology	2025.04.29
3	Year in Review: AI based threats - Malware.News	2025.04.29
4	Spotify’s Subscriber Count Climbs 12%, Beating Forecast - Bloomberg Technology	2025.04.29
5	Microsoft and Amazon Capex in Focus Amid Potential AI Pullback - Bloomberg Technology	2025.04.29
View only the last 5

No	Title	Date
1	IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News	2025.04.28
2	IR Trends Q1 2025: Phishing soars as identity-based attacks persist - Malware.News	2025.04.28
3	Threat Hunting: For what, when, and how? - Malware.News	2025.04.26
4	Threat Hunting: For what, when, and how? - Malware.News	2025.04.26
5	Threat Hunting: For what, when, and how? - Malware.News	2025.04.26
View only the last 5

No data

No	URL	Reporter	Date
1	http://185.215.113.93/tdrpload.exe exe GandCrab IOC Ransomware	Try0	2024.07.27
2	http://185.215.113.93/r.exe exe GandCrab IOC Ransomware	Try0	2024.07.27
3	http://185.215.113.93/a.exe exe GandCrab IOC Ransomware	Try0	2024.07.27
4	http://185.215.113.93/t2.exe exe GandCrab IOC Ransomware	Try0	2024.07.27
5	http://185.215.113.93/s.exe exe GandCrab IOC Ransomware	Try0	2024.07.27
View only the last 5

Beta Service, If you select keyword, you can check detailed information.