Summary: 2025/04/28 18:37

First reported date: 2012/08/22
Inquiry period: 2025/03/29 18:37 ~ 2025/04/28 18:37 (1 month), 135 search results

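The trend is 21% higher than in the previous period.
The top 5 related keywords that rose compared with the previous period are
Linux, Windows, Report, attack, and Exploit.
The malware type BPFDoor is also newly observed.
The attacker Tick is also newly observed.
The attack technique Hijacking is also newly observed.
The organizations and companies United Kingdom and South Korea are also newly observed.
Other new keywords such as Sysdig, Telegram, VPN, Outlaw, and 공격 ("attack") are also observed.

 * Top 3 recent news articles: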
    ㆍ 2025/04/26 Detecting and Mitigating io_uring Abuse for Malware Evasion
    ㆍ 2025/04/25 Clandestine rootkit compromise possible with Linux io_uring interface issue
    ㆍ 2025/04/25 IT Sicherheitsnews taegliche Zusammenfassung 2025-04-25 12h : 1 posts

Trend graph by period


Related keyword cloud
Top 100

| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | Linux | 135 | ▲ 28 (21%) |
| 2 | Malware | 54 | ▼ -2 (-4%) |
| 3 | Update | 46 | ▼ -4 (-9%) |
| 4 | Windows | 40 | ▲ 5 (13%) |
| 5 | Report | 31 | ▲ 2 (6%) |
| 6 | target | 29 | - 0 (0%) |
| 7 | attack | 26 | ▲ 3 (12%) |
| 8 | Exploit | 26 | ▲ 2 (8%) |
| 9 | United States | 23 | ▲ 5 (22%) |
| 10 | Vulnerability | 21 | ▲ 4 (19%) |
| 11 | Campaign | 21 | ▼ -1 (-5%) |
| 12 | Advertising | 20 | ▲ 8 (40%) |
| 13 | Software | 18 | ▲ 2 (11%) |
| 14 | Kernel | 16 | ▼ -1 (-6%) |
| 15 | RCE | 16 | ▲ 15 (94%) |
| 16 | GitHub | 16 | ▲ 5 (31%) |
| 17 | Microsoft | 16 | ▼ -2 (-13%) |
| 18 | Phishing | 15 | ▲ 3 (20%) |
| 19 | intelligence | 15 | ▼ -5 (-33%) |
| 20 | Android | 15 | ▲ 7 (47%) |
| 21 | Operation | 14 | - 0 (0%) |
| 22 | IoC | 14 | ▼ -1 (-7%) |
| 23 | Distribution | 13 | ▲ 6 (46%) |
| 24 | Schwachstellen | 13 | ▲ 2 (15%) |
| 25 | c&c | 12 | ▲ 3 (25%) |
| 26 | DDoS | 12 | ▲ 3 (25%) |
| 27 | Victim | 12 | ▼ -4 (-33%) |
| 28 | Backdoor | 11 | ▲ 3 (27%) |
| 29 | Red Hat | 11 | ▲ 3 (27%) |
| 30 | Mehrere | 11 | ▲ 3 (27%) |
| 31 | hacking | 11 | ▲ 4 (36%) |
| 32 | Education | 10 | ▼ -2 (-20%) |
| 33 | Email | 10 | ▲ 4 (40%) |
| 34 | Remote Code Execution | 9 | ▼ -14 (-156%) |
| 35 | ZeroDay | 9 | ▲ 6 (67%) |
| 36 | China | 9 | ▲ 4 (44%) |
| 37 | Red | 8 | ▲ 1 (13%) |
| 38 | GameoverP2P | 8 | ▲ 3 (38%) |
| 39 | Hat | 8 | ▲ 1 (13%) |
| 40 | NetWireRC | 7 | ▲ 2 (29%) |
| 41 | Enterprise | 7 | - 0 (0%) |
| 42 | powershell | 7 | ▲ 1 (14%) |
| 43 | Google | 7 | ▲ 1 (14%) |
| 44 | Docker | 7 | ▲ 4 (57%) |
| 45 | Ransomware | 6 | ▼ -10 (-167%) |
| 46 | Denial | 6 | ▲ 2 (33%) |
| 47 | Trojan | 6 | ▲ 2 (33%) |
| 48 | Cryptocurrency Miner | 6 | ▲ 4 (67%) |
| 49 | Social Engineering | 5 | ▲ 4 (80%) |
| 50 | Apple | 5 | ▲ 1 (20%) |
| 51 | Schwachstelle | 5 | ▼ -7 (-140%) |
| 52 | Sysdig | 5 | ▲ new |
| 53 | Botnet | 5 | ▲ 4 (80%) |
| 54 | CISA | 5 | ▲ 1 (20%) |
| 55 | Browser | 5 | - 0 (0%) |
| 56 | Cisco | 5 | - 0 (0%) |
| 57 | Kubernetes | 5 | ▲ 2 (40%) |
| 58 | hijack | 5 | ▲ 3 (60%) |
| 59 | Stealer | 5 | ▲ 2 (40%) |
| 60 | Telegram | 5 | ▲ new |
| 61 | Tick | 4 | ▲ new |
| 62 | PoC | 4 | ▲ 2 (50%) |
| 63 | Government | 4 | - 0 (0%) |
| 64 | VirusTotal | 4 | ▲ 2 (50%) |
| 65 | United Kingdom | 4 | ▲ new |
| 66 | Zusammenfassung | 4 | ▲ 2 (50%) |
| 67 | Criminal | 4 | ▼ -4 (-100%) |
| 68 | VPN | 4 | ▲ new |
| 69 | SSH | 4 | ▲ 3 (75%) |
| 70 | network | 4 | ▲ 3 (75%) |
| 71 | Sicherheitsnews | 4 | ▲ 2 (50%) |
| 72 | Cobalt Strike | 4 | - 0 (0%) |
| 73 | RAT | 4 | ▲ 3 (75%) |
| 74 | ANY | 4 | ▼ -3 (-75%) |
| 75 | Hijacking | 4 | ▲ new |
| 76 | taegliche | 4 | ▲ 2 (50%) |
| 77 | CVSS | 4 | ▼ -1 (-25%) |
| 78 | India | 4 | ▲ 2 (50%) |
| 79 | BPFDoor | 4 | ▲ new |
| 80 | Outlaw | 3 | ▲ new |
| 81 | Russia | 3 | - 0 (0%) |
| 82 | 공격 | 3 | ▲ new |
| 83 | TI | 3 | ▲ 1 (33%) |
| 84 | XorDDoS | 3 | ▲ new |
| 85 | Cryptocurrency | 3 | - 0 (0%) |
| 86 | Takedown | 3 | ▼ -1 (-33%) |
| 87 | US | 3 | ▲ 2 (67%) |
| 88 | system | 3 | - 0 (0%) |
| 89 | Kaspersky | 3 | ▼ -1 (-33%) |
| 90 | Vawtrak | 3 | ▼ -1 (-33%) |
| 91 | RATel | 3 | - 0 (0%) |
| 92 | My | 3 | ▲ new |
| 93 | Tails | 3 | ▲ new |
| 94 | controller | 3 | ▲ new |
| 95 | Red Team | 3 | ▲ 1 (33%) |
| 96 | rootkit | 3 | ▲ new |
| 97 | Anonymisierendes | 3 | ▲ new |
| 98 | UNIX | 3 | ▲ 2 (67%) |
| 99 | South Korea | 3 | ▲ new |
| 100 | amp | 3 | ▲ 2 (67%) |

Special keyword group
Top 5

Malware Type

Malware types that are currently drawing attention.

| Keyword | Average Label |
|---|---|
| GameoverP2P | 8 (14.3%) |
| NetWireRC | 7 (12.5%) |
| Ransomware | 6 (10.7%) |
| Trojan | 6 (10.7%) |
| Cryptocurrency Miner | 6 (10.7%) |

Attacker & Actors

Attackers and attack groups that are currently drawing attention.

| Keyword | Average Label |
|---|---|
| Tick | 4 (100%) |

Attack technique

Attack techniques that are currently drawing attention.

| Keyword | Average Label |
|---|---|
| Exploit | 26 (18.6%) |
| Campaign | 21 (15%) |
| RCE | 16 (11.4%) |
| Phishing | 15 (10.7%) |
| DDoS | 12 (8.6%) |

Country & Company

Countries and companies that are currently drawing attention.

| Keyword | Average Label |
|---|---|
| United States | 23 (23.2%) |
| Microsoft | 16 (16.2%) |
| China | 9 (9.1%) |
| Google | 7 (7.1%) |
| Apple | 5 (5.1%) |

Threat info
Last 5

SNS

(Total : 31)
  Total keyword

Linux Malware Exploit Windows target attack United States Android apple US DDoS Report hacking CISA RCE Ransomware Hijacking hijack Botnet BPFDoor Backdoor China Cisco Telegram Docker Operation iCloud PoC Singapore Government Campaign Cryptocurrency Miner CoinMiner Distribution ...

| No | Title | Date |
|---|---|---|
| 1 | Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer: Alleged Linux Server Access for Sale. A threat actor is offering access to a Linux-based server linked to an insurance company in Latin America. Access Type: Linux. Revenue: 500,000,000$. Sector: Insurance. Price: $600 https://t.co/Ep8tTRitvb | 2025.04.27 |
| 2 | Cyber_OSINT @Cyber_O51NT: ARMO researchers have uncovered a significant blind spot in Linux runtime security tools, revealing that io_uring has re-emerged as a rootkit, raising serious concerns for system security. #CyberSecurity #Linux https://t.co/xasw18QyuS | 2025.04.25 |
| 3 | Cyber_OSINT @Cyber_O51NT: The "Hellish Helldown Ransomware," identified in August 2024, evolves with anti-detection and double extortion tactics, now targeting both Windows and Linux, prompting AttackIQ to release new assessment tools for enhanced security validation. #CyberSecur… https://t.co/BT7ns8JipK | 2025.04.25 |
| 4 | BleepingComputer @BleepinComputer: Linux 'io_uring' security blindspot allows stealthy rootkit attacks - @billtoulas https://t.co/EghgpO0oOP | 2025.04.24 |
| 5 | Cyber_OSINT @Cyber_O51NT: Cybersecurity researchers revealed a PoC rootkit named Curing that uses Linux's io_uring to evade traditional system call monitoring, creating a significant blind spot in Linux runtime security tools, according to ARMO. https://t.co/bq1KHKIvyX | 2025.04.24 |

Additional information

| No | Title | Date |
|---|---|---|
| 1 | 28th April – Threat Intelligence Report - Malware.News | 2025.04.28 |
| 2 | Navigating Through The Fog - Malware.News | 2025.04.28 |
| 3 | Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology | 2025.04.28 |
| 4 | Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News | 2025.04.26 |
| 5 | Threat Hunting: For what, when, and how? - Malware.News | 2025.04.26 |