popup

Cyber Threat Trends

  1. Day Week

Gemelli flickerflypro flickerfly

Summary: 2025/04/29 00:42

First reported date: 2017/05/03
Inquiry period : 2025/03/30 00:42 ~ 2025/04/29 00:42 (1 months), 26 search results

전 기간대비 62% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Konni North Korea dprk Campaign cti 입니다.
악성코드 유형 RAT NetWireRC 도 새롭게 확인됩니다.
공격자 Lazarus 도 새롭게 확인됩니다.
공격기술 Phishing Spear Phishing 캠페인 Exploit 도 새롭게 확인됩니다.
기관 및 기업 South Korea dailysecu SECUI AhnLab Genian 경찰청 NorthKorea 도 새롭게 확인됩니다.
기타 제안 slides WordPress 위협 서로 등 신규 키워드도 확인됩니다.

Konni is a remote administration tool, observed in the wild since early 2014. The Konni malware family is potentially linked to APT37, a North-Korean cyber espionage group active since 2012. The group primary victims are South-Korean political organizations, as well as Japan, Vietnam, Russia, Nepal, China, India, Romania, Kuwait, and other parts of the Middle East.  Ref.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/24 제안서로 위장을 하고 있는 북한 코니(Konni) 에서 만든 악성코드-제안서(2025.4.11)
    ㆍ 2025/04/20 [K-CTI 2025] 엔키화이트햇 천호진 수석, 북한 연계 Konni 그룹의 정교한 공격 활동 분석 내용 공개해
    ㆍ 2025/04/10 북한 해킹 그룹 Konni(코니)에서 만든 악성코드-ECRM.M.hwp.lnk(<-가칭,2025.3.24)


참고로 동일한 그룹의 악성코드 타입은 Remcos njRAT QuasarRAT 등 112개 종이 확인됩니다.

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1Konni 26 ▲ 16 (62%)
2North Korea 18 ▲ 11 (61%)
3dprk 14 ▲ 10 (71%)
4Campaign 11 ▲ 10 (91%)
5cti 11 ▲ 8 (73%)
6lnk 9 ▲ 3 (33%)
7Malware 8 ▲ 1 (13%)
8APT 8 ▲ 6 (75%)
9그룹 5 ▲ 4 (80%)
10북한 3 ▼ -2 (-67%)
11제안 3 ▲ new
12위장 3 ▲ 2 (67%)
13Kimsuky 3 ▲ 2 (67%)
14slides 2 ▲ new
15공격 2 ▲ 1 (50%)
16WordPress 2 ▲ new
17위협 2 ▲ new
18서로 2 ▲ new
19North 2 ▲ new
20group 2 ▲ new
21RAT 2 ▲ new
22Phishing 2 ▲ new
23name 2 ▲ new
24file 2 ▲ 1 (50%)
25hacking 2 ▼ -2 (-100%)
26분석 1 ▲ new
27대상 1 ▲ new
28최신 1 ▲ new
29공유 1 ▲ new
30주요 1 ▲ new
31b9547d6a4c20661d8c37fcdd7a82539f4b56a7f7d9228a57354e197936bb1136 1 ▲ new
32trend 1 ▲ new
33MultiStage 1 ▲ new
34사례 1 ▲ new
35협력 1 ▲ new
36자간 1 ▲ new
37Lazarus 1 ▲ new
38AhnLabSecuInfo 1 ▲ new
39동향 1 ▲ new
40문서 1 - 0 (0%)
41conference 1 ▲ new
42South Korea 1 ▲ new
43dailysecu 1 ▲ new
44파일 1 ▲ new
45Deep 1 ▲ new
46한글 1 - 0 (0%)
47보고서 1 ▲ new
48RokRAT 1 - 0 (0%)
49Dive 1 ▲ new
50APT37 1 ▼ -1 (-100%)
51Into 1 ▲ new
52SECUI 1 ▲ new
53Report 1 ▲ new
54수석 1 ▲ new
55AhnLab 1 ▲ new
56hwp 1 - 0 (0%)
57httpsC 1 ▲ new
58국가인권위 1 ▲ new
59Spear Phishing 1 ▲ new
60priyaa 1 ▲ new
61Police 1 - 0 (0%)
62Genian 1 ▲ new
63캠페인 1 ▲ new
64사칭 1 ▲ new
65경찰청 1 ▲ new
66Recent 1 ▲ new
67autoit 1 ▲ new
68Korean 1 ▲ new
69Threat 1 ▲ new
70NorthKorea 1 ▲ new
71Persistence 1 ▲ new
72Stealth 1 ▲ new
73Analysis 1 ▲ new
74ThreatProtection 1 ▲ new
75NortonLifeLock 1 ▲ new
76signature 1 ▲ new
77KoreaLinked 1 ▲ new
78Website 1 ▲ new
79compromised 1 ▲ new
80코니 1 ▲ new
81해킹 1 ▼ -2 (-200%)
82악성코드 1 ▼ -1 (-100%)
83ECRM 1 - 0 (0%)
84IoC 1 - 0 (0%)
85e25c696a6d4b6eafde43f2d6b8db45701cafc329df111ec48d63c5d0fb80f80c 1 ▲ new
86NetWireRC 1 ▲ new
87api 1 ▲ new
88key 1 ▲ new
89Exploit 1 ▲ new
90c&c 1 ▲ new
91access 1 ▲ new
92unknown 1 ▲ new
93sha 1 ▲ new
94있는 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Konni
26 (86.7%)
RAT
2 (6.7%)
RokRAT
1 (3.3%)
NetWireRC
1 (3.3%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Kimsuky
3 (60%)
Lazarus
1 (20%)
APT37
1 (20%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Campaign
11 (40.7%)
APT
8 (29.6%)
Phishing
2 (7.4%)
hacking
2 (7.4%)
Spear Phishing
1 (3.7%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
North Korea
18 (41.9%)
dprk
14 (32.6%)
북한
3 (7%)
South Korea
1 (2.3%)
dailysecu
1 (2.3%)
Malware Family
Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info
Last 5

SNS

(Total : 23)
  Total keyword

Konni North Korea dprk Campaign APT Malware Kimsuky WordPress Phishing RAT 보고서 Lazarus Attacker RokRAT APT37 AhnLab SECUI Report IoC 경찰청 Police Genian 캠페인 NorthKorea Spear Phishing hacking 해킹 북한 Exploit c&c NetWireRC

No Title Date
1Ginkgo @ginkgo_g
#Konni #APT https://t.co/R6oBhwFMze		2025.04.25
2lazarusholic @lazarusholic
"제안서로 위장을 하고 있는 북한 코니(Konni) 에서 만든 악성코드-제안서(2025.4.11)" published by @sakaijjang. #Konni, #LNK, #DPRK, #CTI https://t.co/C8RYgvH5YI		2025.04.24
3lazarusholic @lazarusholic
"A Deep Dive Into a Multi-Stage Malware Campaign Potentially Linked to DPRK’s Konni Group" published by @navneetr4j. #Konni, #LNK, #DPRK, #CTI https://t.co/3kYh8rE6kZ		2025.04.23
4lazarusholic @lazarusholic
"한글 문서로 위장한 두 공격 그룹의 악성코드 비교" published by @logpresso. #APT37, #Konni, #RokRAT, #LNK, #DPRK, #CTI https://t.co/BS7CiUDyVA		2025.04.18
5lazarusholic @lazarusholic
"2025년 3월 APT 그룹 동향 보고서" published by @AhnLab_SecuInfo. #Kimsuky, #Konni, #Lazarus, #Trend, #DPRK, #CTI https://t.co/RV2DSuFAt3		2025.04.16

News

(Total : 3)
  Total keyword

Malware Konni North Korea 북한 South Korea conference dailysecu 악성코드 hacking

No Title Date
1제안서로 위장을 하고 있는 북한 코니(Konni) 에서 만든 악성코드-제안서(2025.4.11) - Malware.News2025.04.24
2[K-CTI 2025] 엔키화이트햇 천호진 수석, 북한 연계 Konni 그룹의 정교한 공격 활동 분석 내용 공개해 - 데일리시큐2025.04.20
3북한 해킹 그룹 Konni(코니)에서 만든 악성코드-ECRM.M.hwp.lnk(<-가칭,2025.3.24) - Malware.News2025.04.10

Additional information

No data
No data
No data
No data
Beta Service, If you select keyword, you can check detailed information.