Cyber Threat Trends

Summary: 2025/04/29 00:01

First reported date: 2020/09/23
Inquiry period : 2025/03/30 00:01 ~ 2025/04/29 00:01 (1 months), 6 search results

전 기간대비 신규 트렌드를 보이고 있습니다.
악성코드 유형 RAT NetWireRC Trojan ReverseRAT ActionRAT AsyncRAT SparkRAT 도 새롭게 확인됩니다.
공격자 SideCopy 도 새롭게 확인됩니다.
공격기술 Campaign APT Phishing hacking 도 새롭게 확인됩니다.
기관 및 기업 India Microsoft United States North Korea China UAE 도 새롭게 확인됩니다.
기타 Malware powershell Windows Linux Chrome 등 신규 키워드도 확인됩니다.

The SideCopy APT is a Pakistani threat actor that has been operating since at least 2019, mainly targeting South Asian countries and more specifically India and Afghanistan. Its name comes from its infection chain that tries to mimic that of the SideWinde

* 최근 뉴스기사 Top3:
ㆍ 2025/04/14 파키스탄 연계 해킹 그룹, 인도 정부·국방·해양 집중 공격
ㆍ 2025/04/08 Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	SideCopy	6	▲ new
2	Campaign	5	▲ new
3	India	4	▲ new
4	APT	3	▲ new
5	Malware	3	▲ new
6	powershell	2	▲ new
7	Windows	2	▲ new
8	Linux	2	▲ new
9	RAT	2	▲ new
10	Microsoft	2	▲ new
11	NetWireRC	2	▲ new
12	Chrome	2	▲ new
13	c&c	2	▲ new
14	IoC	2	▲ new
15	Phishing	2	▲ new
16	Firefox	1	▲ new
17	Trojan	1	▲ new
18	SideWinder	1	▲ new
19	ReverseRAT	1	▲ new
20	공격	1	▲ new
21	hacking	1	▲ new
22	파일	1	▲ new
23	사용	1	▲ new
24	Dolphin	1	▲ new
25	amp	1	▲ new
26	Infra	1	▲ new
27	Distribution	1	▲ new
28	Limited	1	▲ new
29	Latest	1	▲ new
30	sample	1	▲ new
31	VT0	1	▲ new
32	QWERTYRBG	1	▲ new
33	Hi	1	▲ new
34	dear	1	▲ new
35	Check	1	▲ new
36	ActionRAT	1	▲ new
37	Seqrite	1	▲ new
38	AsyncRAT	1	▲ new
39	GitHub	1	▲ new
40	The Shadow Brokers	1	▲ new
41	Open Directory	1	▲ new
42	United States	1	▲ new
43	Victim	1	▲ new
44	SparkRAT	1	▲ new
45	North Korea	1	▲ new
46	China	1	▲ new
47	arrest	1	▲ new
48	Update	1	▲ new
49	target	1	▲ new
50	Education	1	▲ new
51	UAE	1	▲ new
52	Advertising	1	▲ new
53	Email	1	▲ new
54	Ma	1	▲ new
55	Labs	1	▲ new
56	Pakistanlinked	1	▲ new
57	attack	1	▲ new
58	Report	1	▲ new
59	DM	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
RAT		2 (22.2%)
NetWireRC		2 (22.2%)
Trojan		1 (11.1%)
ReverseRAT		1 (11.1%)
ActionRAT		1 (11.1%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
SideCopy		6 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		5 (45.5%)
APT		3 (27.3%)
Phishing		2 (18.2%)
hacking		1 (9.1%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
India		4 (40%)
Microsoft		2 (20%)
United States		1 (10%)
North Korea		1 (10%)
China		1 (10%)

Threat info

Last 5

SNS

(Total : 4)

Total keyword

SideCopy APT Campaign India c&c IoC Malware target Report attack

No	Title	Date
1	Cyber Team @Cyberteam008 @QWERTYRBG Hi dear, Check your DM. We have explained the reason behind attributing it to the SideCopy APT. Regrads	2025.04.24
2	Cyber Team @Cyberteam008 [2/2] #SideCopy #APT Infra: 176.65.143.215 (AS - Dolphin 1337 Limited) https://t.co/8Rz64xYKda.ministryofdefenceindia.org https://t.co/8Rz64xYKda.departmentofdefence.de @500mk500 #Malware #ioc	2025.04.23
3	Cyber Team @Cyberteam008 [1/2] Latest Undetected #SideCopy #APT sample (VT-0) File: Alleged Case of Sexual Harassment by Senior Army Officer.pdf MD5: 00cd306f7cdcfe187c561dd42ab40f33 POST C2: https://indianarmy.nic.in.departmentofdefence.de/publications/publications-site-main/index.htm https://t.co/ErJtL60hii	2025.04.23
4	Cyber_OSINT @Cyber_O51NT Seqrite Labs reports that the Pakistan-linked SideCopy APT has shifted from HTA to MSI files for multi-platform attacks, now targeting sectors like railways and oil & gas, while employing advanced techniques like DLL side-loading and reflective loading. … https://t.co/LnRNnWdYKe	2025.04.09

News

(Total : 2)

Total keyword

NetWireRC RAT Chrome SideCopy Windows Linux India Microsoft powershell Phishing Campaign Malware Trojan Firefox ReverseRAT SideWinder hacking ActionRAT Distribution AsyncRAT Email GitHub Advertising UAE Education Update arrest China North Korea SparkRAT Attacker Victim c&c IoC United States Open Directory The Shadow Brokers

No	Title	Date
1	파키스탄 연계 해킹 그룹, 인도 정부·국방·해양 집중 공격 - 시큐리티팩트	2025.04.14
2	Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks - Malware.News	2025.04.08

Additional information

No	Title	Date
1	Employee monitoring app exposes users, leaks 21+ million screenshots - Malware.News	2025.04.28
2	Introducing XSIAM 3.0 - Malware.News	2025.04.28
3	Deploy Bravely with Prisma AIRS - Malware.News	2025.04.28
4	2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types - Malware.News	2025.04.28
5	Intel CEO Targets Change in Corporate Culture to Shape Up - Bloomberg Technology	2025.04.28
View only the last 5

No	Title	Date
1	파키스탄 연계 해킹 그룹, 인도 정부·국방·해양 집중 공격 - 시큐리티팩트	2025.04.14
2	Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks - Malware.News	2025.04.08
3	Exposing the Deceit: Phishing Sites Impersonating Government Entities - Malware.News	2025.02.18
4	Snowblind: The Invisible Hand of Secret Blizzard - Malware.News	2024.12.05
5	Snowblind: The Invisible Hand of Secret Blizzard - Malware.News	2024.12.05
View only the last 5

No data

No	URL	CC	ASN Co	Reporter	Date
1	https://isometricsindia.co.in/js/files/chi/1.hta APT hta SIDECOPY	IN	PUBLIC-DOMAIN-REGISTRY	abuse_ch	2023.08.29

Beta Service, If you select keyword, you can check detailed information.