popup

Cyber Threat Trends

  1. Day Week

Gemelli flickerflypro flickerfly

Summary: 2025/04/30 07:38

First reported date: 2014/04/06
Inquiry period : 2025/03/31 07:38 ~ 2025/04/30 07:38 (1 months), 5 search results

전 기간대비 20% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 script Advertising 입니다.
악성코드 유형 Clipbanker Trojan 도 새롭게 확인됩니다.
공격기술 Exploit Phishing hijack Hijacking RCE 도 새롭게 확인됩니다.
기관 및 기업 Kaspersky Russia Microsoft 도 새롭게 확인됩니다.
기타 exe Browser Takedown Software Password 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/08 Attackers distributing a miner and the ClipBanker Trojan via SourceForge

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1script 5 ▲ 1 (20%)
2Advertising 2 ▲ 1 (50%)
3exe 1 ▲ new
4Exploit 1 ▲ new
5Browser 1 ▲ new
6Clipbanker 1 ▲ new
7Takedown 1 ▲ new
8Trojan 1 ▲ new
9Software 1 ▲ new
10attack 1 - 0 (0%)
11Password 1 ▲ new
12file 1 ▲ new
13archive 1 ▲ new
14py 1 - 0 (0%)
15batch 1 ▲ new
16Update 1 - 0 (0%)
17French 1 ▲ new
18Alleged 1 ▲ new
19Phishing 1 ▲ new
20target 1 ▲ new
21payment 1 - 0 (0%)
22datatheft 1 ▲ new
23recent 1 ▲ new
24analysis 1 ▲ new
25JavaScript 1 ▲ new
26Java 1 - 0 (0%)
27PayFiP 1 ▲ new
28Windows 1 ▲ new
29GitHub 1 - 0 (0%)
30Malware 1 ▼ -2 (-200%)
31httpsnopastenetLOAMBWe 1 ▲ new
32KongTuke 1 ▲ new
33captcha 1 ▲ new
34clipboardhijacking 1 ▲ new
35pastejacking 1 ▲ new
36Friday 1 ▲ new
37Injected 1 ▲ new
38legitimate 1 ▲ new
39hijack 1 ▲ new
40Hijacking 1 ▲ new
41Kaspersky 1 ▲ new
42Telegram 1 ▲ new
43Russia 1 ▲ new
44Campaign 1 - 0 (0%)
45c&c 1 ▲ new
46Cryptocurrency 1 ▲ new
47Victim 1 ▲ new
48powershell 1 - 0 (0%)
49Distribution 1 - 0 (0%)
50SMB 1 ▲ new
51Microsoft 1 ▲ new
52RCE 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Clipbanker
1 (50%)
Trojan
1 (50%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Exploit
1 (16.7%)
Phishing
1 (16.7%)
hijack
1 (16.7%)
Hijacking
1 (16.7%)
Campaign
1 (16.7%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
Kaspersky
1 (33.3%)
Russia
1 (33.3%)
Microsoft
1 (33.3%)
Threat info
Last 5

SNS

(Total : 4)
  Total keyword

Java payment target Phishing Advertising Hijacking hijack RCE

No Title Date
1Cyber_OSINT @Cyber_O51NT
A recent analysis revealed a JavaScript script used in credit card theft during online transactions, linked to an incident response team's findings on e-commerce security vulnerabilities. #CyberSecurity #DataTheft https://t.co/uztUBPNjhi		2025.04.18
2Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
???????????? Alleged PayFiP Phishing Script Targeting French Citizens – Refund Scam Theme A threat actor is selling a phishing kit designed to impersonate the official French PayFiP platform, used for public service payments and tax processing. The script is tailored to collect https://t.co/J0vS6Wg		2025.04.18
3Unit 42 @Unit42_Intel
2025-04-04 (Friday): Injected #KongTuke script in pages from legitimate but compromised websites leads to fake #CAPTCHA style pages and #ClipboardHijacking (#pastejacking). These pages ask users to paste malicious script into a Run window. Latest info at https://t.co/EFqwiGYH40 https://t.co/gsDqluwN		2025.04.04
4JAMESWT @JAMESWT_MHT
there is this too .py script https://t.co/1HjbC2vOWy from https://nopaste[.net/LOAMBWe44S		2025.04.01

News

(Total : 1)
  Total keyword

Malware Exploit Password attack Software Trojan Takedown Advertising Clipbanker Browser Update Kaspersky GitHub Windows Telegram Microsoft SMB Distribution powershell Attacker Victim Cryptocurrency c&c Campaign Russia

No Title Date
1Attackers distributing a miner and the ClipBanker Trojan via SourceForge - Malware.News2025.04.08

Additional information

No Title Date
1Attackers distributing a miner and the ClipBanker Trojan via SourceForge - Malware.News2025.04.08
2Attackers distributing a miner and the ClipBanker Trojan via SourceForge - Malware.News2025.04.08
3Tracking Emmenhtal - Malware.News2025.03.04
4LCRYX Ransomware: How a VB Ransomware Locks Your System - Malware.News2025.02.24
5LDAPNightmare Spoof Stealer - Malware.News2025.02.17
View only the last 5
Level Description
watch Communicates with host for which no DNS query was performed
watch Resumed a suspended thread in a remote process potentially indicative of process injection
notice Allocates read-write-execute memory (usually to unpack itself)
notice An application raised an exception which may be indicative of an exploit crash
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice File has been identified by 2 AntiVirus engines on VirusTotal as malicious
notice Performs some HTTP requests
notice Uses Windows utilities for basic Windows functionality
notice Yara rule detected in process memory
info One or more processes crashed
Network ET INFO TLS Handshake Failure
Network SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
No data
No URL CC ASN Co Reporter Date
1https://doubt-privacy-hits-turkey.trycloudflare.com/hiddenbins/ohshit.sh
script 		US USCLOUDFLARENETgeenensp2025.04.24
2https://biteblob.com/Download/9DDDTpP4777ip5/#ohshit.sh
script 		US USUUNETgeenensp2025.04.22
3https://files.catbox.moe/oayhng.sh
script 		CA CAASN852geenensp2025.04.20
4http://45.83.207.17/moobot/moobot.sh
script 		GB GBClouvider Limitedgeenensp2025.04.19
5http://176.65.142.122/bins.sh
script 		DE DEgeenensp2025.04.18
View only the last 5
Beta Service, If you select keyword, you can check detailed information.