Cyber Threat Trends

Summary: 2025/04/29 03:09

First reported date: 2019/05/03
Inquiry period : 2025/03/30 03:09 ~ 2025/04/29 03:09 (1 months), 9 search results

전 기간대비 89% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 UNC China Malware ZeroDay Mandiant 입니다.
공격자 unc5221 unc1069 unc4899 TraderTraitor CryptoCore 도 새롭게 확인됩니다.
공격기술 Exploit RCE Campaign Social Engineering 도 새롭게 확인됩니다.
기관 및 기업 Google dprk North Korea Iran Chinese Cloudflare Israel 도 새롭게 확인됩니다.
기타 group Ivanti Threat securityaffairs Secure 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/23 Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign
    ㆍ 2025/04/16 Chinese UNC5174 Group Expands Arsenal with New Open Source Tool and C2 Infrastructure
    ㆍ 2025/04/15 UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	UNC	9	▲ 8 (89%)
2	China	7	▲ 6 (86%)
3	unc5221	5	▲ new
4	group	4	▲ new
5	Ivanti	3	▲ new
6	Malware	3	▲ 2 (67%)
7	ZeroDay	3	▲ 2 (67%)
8	Exploit	3	▲ new
9	RCE	2	▲ new
10	Mandiant	2	▲ 1 (50%)
11	Campaign	2	▲ new
12	Threat	2	▲ new
13	securityaffairs	2	▲ new
14	Secure	2	▲ new
15	hacking	2	▲ 1 (50%)
16	Connect	2	▲ new
17	unc1069	1	▲ new
18	Backdoor	1	- 0 (0%)
19	target	1	▲ new
20	Operation	1	▲ new
21	MURKYTOUR	1	▲ new
22	actor	1	▲ new
23	ITWorker	1	▲ new
24	Trend	1	▲ new
25	Chinas	1	▲ new
26	unc3782	1	▲ new
27	Google	1	▲ new
28	unc4899	1	▲ new
29	unc5342	1	▲ new
30	dprk	1	▲ new
31	cti	1	▲ new
32	Data	1	▲ new
33	TraderTraitor	1	▲ new
34	North Korea	1	▲ new
35	UNC4736	1	▲ new
36	Social Engineering	1	▲ new
37	Iran	1	▲ new
38	Chinese	1	▲ new
39	aka	1	▲ new
40	Uteus	1	▲ new
41	Linux	1	▲ new
42	Cloudflare	1	▲ new
43	evolution	1	▲ new
44	MacOS	1	▲ new
45	c&c	1	▲ new
46	C2	1	▲ new
47	Expands	1	▲ new
48	Israel	1	▲ new
49	unc5174	1	▲ new
50	Sysdig	1	▲ new
51	Research	1	▲ new
52	Team	1	▲ new
53	Report	1	▲ new
54	Cyberespionage	1	▲ new
55	VPN	1	▲ new
56	warfare	1	▲ new
57	CryptoCore	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

No data.

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
unc5221		5 (55.6%)
unc1069		1 (11.1%)
unc4899		1 (11.1%)
TraderTraitor		1 (11.1%)
CryptoCore		1 (11.1%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		3 (27.3%)
RCE		2 (18.2%)
Campaign		2 (18.2%)
hacking		2 (18.2%)
Backdoor		1 (9.1%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
China		7 (43.8%)
Mandiant		2 (12.5%)
Google		1 (6.3%)
dprk		1 (6.3%)
North Korea		1 (6.3%)

Threat info

Last 5

SNS

(Total : 6)

Total keyword

China unc5221 ZeroDay Exploit hacking unc1069 UNC4736 unc4899 TraderTraitor dprk Mandiant North Korea VPN Report MacOS Malware RCE Cloudflare Linux CryptoCore

No	Title	Date
1	lazarusholic @lazarusholic "M-Trends 2025: Data, Insights, and Recommendations From the Frontlines" published by @Mandiant. #ITWorker, #Trend, #UNC1069, #UNC3782, #UNC4736, #UNC4899, #UNC5342, #DPRK, #CTI https://t.co/aM8ET9BT6z	2025.04.24
2	Cyber_OSINT @Cyber_O51NT Cyber-espionage group UNC5221, linked to China, has been exploiting vulnerabilities in Ivanti Connect Secure VPN appliances since 2023, showcasing their ability to weaponize zero-day exploits effectively. #CyberSecurity #UNC5221 https://t.co/wbslKlCshk	2025.04.18
3	Cyber_OSINT @Cyber_O51NT The Sysdig Threat Research Team reported that UNC5174 has evolved its cyber warfare tactics in China, transitioning from SNOWLIGHT to the sophisticated VShell tool for espionage and access brokering. #CyberSecurity #UNC5174 https://t.co/BUUv0rugdi	2025.04.16
4	The Hacker News @TheHackersNews ⚠️ UNC5174 (aka Uteus), tied to China, is quietly breaching Linux & macOS systems using SNOWLIGHT malware + a fake Cloudflare app (VShell). ???? Targets: 20+ nations \| Sectors: Gov, finance, defense ???? Tactics: Open-source tools, fileless payloads, fake authenticator apps ???? Risk: https://t	2025.04.15
5	Pierluigi Paganini - Security Affairs @securityaffairs #China-linked group #UNC5221 exploited #Ivanti Connect Secure zero-day since mid-March https://t.co/J9u8W4FYPc #securityaffairs #hacking -	2025.04.04

News

(Total : 3)

Total keyword

China Malware Campaign Israel Operation target Backdoor Mandiant Google Iran Social Engineering Chinese C2 RCE c&c

No	Title	Date
1	Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign - The Hacker News	2025.04.23
2	Chinese UNC5174 Group Expands Arsenal with New Open Source Tool and C2 Infrastructure - Malware.News	2025.04.16
3	UNC5174’s evolution in China’s ongoing cyber warfare: From SNOWLIGHT to VShell - sysdig / Alessandra Rizzo / malpedia	2025.04.15

Additional information

No	Title	Date
1	FBI Reports ₹1.38 Lakh Crore Loss in 2024, a 33% Surge from 2023 - Malware.News	2025.04.29
2	US intensifies Salt Typhoon crackdown with public info request - Malware.News	2025.04.29
3	Trump moves threaten US cyber defenses, says former CISA director Easterly - Malware.News	2025.04.29
4	Escalating attacks against Ivanti VPN appliances expected - Malware.News	2025.04.29
5	Critical Planet Technology switch vulnerabilities pose total takeover risk - Malware.News	2025.04.29
View only the last 5

No	Title	Date
1	Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign - The Hacker News	2025.04.23
2	Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign - The Hacker News	2025.04.23
3	“중국 해킹그룹 UNC3886, 주니퍼네트웍스 라우터 타깃 제로데이 공격 수행” - 데일리시큐	2025.03.14
4	Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East - The Hacker News	2024.09.20
5	Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East - The Hacker News	2024.09.20
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.