popup

Cyber Threat Trends

  1. Day Week

Gemelli flickerflypro flickerfly

Summary: 2025/04/28 19:49

First reported date: 2011/01/20
Inquiry period : 2025/03/29 19:49 ~ 2025/04/28 19:49 (1 months), 140 search results

전 기간대비 15% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 NetWireRC c&c njRAT C2 RAT 입니다.
악성코드 유형 DslogdRAT Xloader 도 새롭게 확인됩니다.
공격자 SideCopy UNC5221 도 새롭게 확인됩니다.
공격기술 RCE 도 새롭게 확인됩니다.
기관 및 기업 CISA AhnLab Germany 도 새롭게 확인됩니다.
기타 ResolverRAT MysterySnail Ivanti healthcare Open Directory 등 신규 키워드도 확인됩니다.

Netwire is an advanced RAT — it is a malware that takes control of infected PCs and allows its operators to perform various actions. Unlike many RATs, this one can target every major operating system, including Windows, Linux, and MacOS.  Ref.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/25 DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
    ㆍ 2025/04/24 DslogdRAT Malware Installed in Ivanti Connect Secure
    ㆍ 2025/04/24 Top intelligence lawmaker fears China may exploit DOGE’s changes to government


참고로 동일한 그룹의 악성코드 타입은 Remcos njRAT QuasarRAT 등 112개 종이 확인됩니다.

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1NetWireRC 140 ▲ 21 (15%)
2c&c 59 ▲ 17 (29%)
3Malware 56 ▼ -7 (-13%)
4njRAT 48 ▲ 21 (44%)
5C2 46 ▲ 19 (41%)
6RAT 44 ▲ 7 (16%)
7Campaign 31 ▼ -6 (-19%)
8Phishing 24 - 0 (0%)
9target 20 ▼ -5 (-25%)
10Report 20 ▼ -9 (-45%)
11attack 17 ▼ -2 (-12%)
12Trojan 15 ▲ 1 (7%)
13AsyncRAT 15 ▼ -10 (-67%)
14IoC 15 ▼ -8 (-53%)
15United States 15 ▼ -3 (-20%)
16Update 15 ▼ -6 (-40%)
17Remcos 14 ▲ 8 (57%)
18Victim 14 ▼ -3 (-21%)
19China 14 ▲ 2 (14%)
20Advertising 13 ▼ -6 (-46%)
21powershell 11 ▼ -2 (-18%)
22Windows 11 ▼ -6 (-55%)
23intelligence 11 ▲ 1 (9%)
24Email 11 ▼ -1 (-9%)
25Russia 10 - 0 (0%)
26Kaspersky 10 ▼ -1 (-10%)
27hacking 9 ▲ 5 (56%)
28Vulnerability 9 ▼ -6 (-67%)
29Distribution 9 - 0 (0%)
30Exploit 9 ▼ -7 (-78%)
31DslogdRAT 8 ▲ new
32Microsoft 8 ▼ -12 (-150%)
33ZeroDay 8 ▲ 6 (75%)
34XWorm 8 ▼ -4 (-50%)
35Cobalt Strike 7 ▲ 3 (43%)
36Software 7 ▼ -4 (-57%)
37Linux 7 ▲ 2 (29%)
38Government 7 ▼ -1 (-14%)
39Android 7 ▲ 1 (14%)
40Lumma 6 ▼ -4 (-67%)
41India 6 ▲ 3 (50%)
42ResolverRAT 6 ▲ new
43Japan 6 ▲ 3 (50%)
44GameoverP2P 5 - 0 (0%)
45Social Engineering 5 ▼ -2 (-40%)
46abusech 5 ▲ 3 (60%)
47Low 5 ▲ 4 (80%)
48ThreatProtection 5 ▲ 1 (20%)
49Backdoor 5 ▼ -7 (-140%)
50North Korea 5 - 0 (0%)
51Cisco 5 ▲ 3 (60%)
52Top 5 ▲ 2 (40%)
53RCE 5 ▲ new
54Xloader 5 ▲ new
55Operation 4 ▼ -4 (-100%)
56Education 4 - 0 (0%)
57MysterySnail 4 ▲ new
58CISA 4 ▲ new
59fake 4 ▲ 2 (50%)
60last 4 - 0 (0%)
61Ivanti 4 ▲ new
62Amadey 4 ▲ 3 (75%)
63AgentTesla 4 - 0 (0%)
64NortonLifeLock 4 - 0 (0%)
65snake 4 ▲ 1 (25%)
66tofsee 4 ▲ 2 (50%)
67Stealer 4 ▼ -17 (-425%)
68Java 4 ▼ -3 (-75%)
69Cryptocurrency 3 ▼ -10 (-333%)
70Ucraina 3 ▼ -3 (-100%)
71threat 3 - 0 (0%)
72Google 3 ▼ -4 (-133%)
73Banking 3 ▲ 2 (67%)
74GitHub 3 ▼ -2 (-67%)
75healthcare 3 ▲ new
76Open Directory 3 ▲ new
77AhnLab 3 ▲ new
78NSA 3 ▲ 2 (67%)
79Vawtrak 3 ▲ 1 (33%)
80Cobalt 3 ▲ 2 (67%)
81Downloader 3 ▲ 2 (67%)
82Telegram 3 ▼ -1 (-33%)
83Germany 3 ▲ new
84DCRat 3 ▼ -5 (-167%)
85Criminal 3 ▼ -9 (-300%)
86Cloudflare 3 ▲ 2 (67%)
87multistage 3 ▲ new
88Ransomware 3 ▼ -7 (-233%)
89Chinese 3 ▲ 2 (67%)
90Volt Typhoon 3 ▲ 2 (67%)
91ClickFix 2 - 0 (0%)
92SectopRAT 2 ▲ 1 (50%)
93SideCopy 2 ▲ new
94YouTube 2 ▼ -2 (-100%)
95neconyd 2 ▲ new
96VirusTotal 2 ▲ 1 (50%)
97RATel 2 ▲ 1 (50%)
98UNC5221 2 ▲ new
99iocs 2 ▲ 1 (50%)
100infrastructure 2 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
NetWireRC
140 (41.9%)
njRAT
48 (14.4%)
RAT
44 (13.2%)
Trojan
15 (4.5%)
AsyncRAT
15 (4.5%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Volt Typhoon
3 (27.3%)
SideCopy
2 (18.2%)
UNC5221
2 (18.2%)
Anonymous
2 (18.2%)
Lazarus
2 (18.2%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Campaign
31 (32%)
Phishing
24 (24.7%)
hacking
9 (9.3%)
Exploit
9 (9.3%)
Social Engineering
5 (5.2%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
United States
15 (12%)
China
14 (11.2%)
Russia
10 (8%)
Kaspersky
10 (8%)
Microsoft
8 (6.4%)
Malware Family
Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info
Last 5

SNS

(Total : 94)
  Total keyword

NetWireRC c&c njRAT C2 Malware RAT AsyncRAT Remcos XWorm DslogdRAT Campaign IoC Attacker Advertising Phishing target Amadey Japan Trojan powershell attack AgentTesla Lumma China Chinese Report Distribution Exploit Update Kaspersky Russia DCRat hacking iocs North Korea Cloudflare ZeroDay VBScript DDNS Rhadamanthys Xloader Vulnerability ClickFix Android RCE SectopRAT Banking Microsoft Binance vpn Open Directory VenomRAT opendir ...

No Title Date
1SarlackLab @SarlackLab
#njrat #C2 server 94.26.90.81:6666 confirmed 2025-04-26		2025.04.27
2Szabolcs Schmidt @smica83
Looks like a low detected #GhostRAT Uploaded @abuse_ch https://t.co/wU5at7zuhH https://t.co/oW7we4Uian		2025.04.27
3Cyber_OSINT @Cyber_O51NT
JPCERT warns of DslogdRAT malware exploiting a patched flaw in Ivanti Connect Secure, allowing remote code execution and targeting Japanese organizations, while also linked to the APT Silk Typhoon. #CyberSecurity #Malware https://t.co/LdcjAxvite		2025.04.26
4SarlackLab @SarlackLab
#njrat #C2 server 147.185.221.27:31185 team-evaluating.gl.at.ply.gg confirmed 2025-04-26		2025.04.26
5Threat Intelligence @threatintel
#ThreatProtection New malware campaign uses #Cloudflare tunnels to deploy #AsyncRAT with multi-stage payloads for remote access. Read more about Symantec's protections: https://t.co/QD2pK5Z5nw #Cybersecurity		2025.04.25

News

(Total : 46)
  Total keyword

NetWireRC Malware Campaign RAT Phishing Report Attacker target United States c&c Victim attack Update China intelligence Trojan Email Windows IoC Advertising Microsoft Government Cobalt Strike powershell Russia Kaspersky Linux Software hacking Vulnerability Android India ZeroDay Remcos Exploit Distribution AsyncRAT GameoverP2P Cisco Education RCE Java Operation Backdoor CISA Social Engineering Cobalt Ransomware NSA Google GitHub Xloader North Korea njRAT Criminal AhnLab Stealer Vawtrak Downloader Germany Cryptocurrency Volt Typhoon Police arrest MgBot Chrome Lazarus Twitter Open Directory ChatGPT VirusTotal UNC5221 UAE Password RATel Lumma Browser SentinelOne DslogdRAT Japan Ucraina Telegram Taiwan Takedown Banking Anonymous Sliver RSA Conference SideCopy ...

No Title Date
1Decoding njRAT traffic with NetworkMiner - Netresec / Erik Hjelmvik / malpedia2025.04.28
2DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks - The Hacker News2025.04.25
3DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News2025.04.24
4Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News2025.04.24
5삼성 스마트폰 One UI, 치명적 보안 결함.. 사용자 데이터 '무방비 노출’ - 시큐리티팩트2025.04.23

Additional information

No data
No data
No data
No data
Beta Service, If you select keyword, you can check detailed information.