Cyber Threat Trends

Summary: 2025/04/28 18:24

First reported date: 2011/01/31
Inquiry period : 2025/03/29 18:24 ~ 2025/04/28 18:24 (1 months), 17 search results

전 기간대비 -12% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Distribution Advertising Russia Update target 입니다.
악성코드 유형 Rhadamanthys Black Basta Pteranodon 도 새롭게 확인됩니다.
공격자 Gamaredon 도 새롭게 확인됩니다.
공격기술 Malvertising 도 새롭게 확인됩니다.
기관 및 기업 Binance German Rapid7 도 새롭게 확인됩니다.
기타 WMI httpstcowaThl nw braineecomau JAMESWTWT 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/28 윈도우 11 보안 기능 VBS Enclaves가 일부 시스템에서 더 이상 사용되지 않음
    ㆍ 2025/04/18 Inside Black Basta: Ransomware Resilience and Evolution After the Leak
    ㆍ 2025/04/17 Gamaredon’s PteroLNK VBScript Malware Infrastructure and TTPs Uncovered by Researchers

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	VBScript	17	▼ -2 (-12%)
2	Malware	12	▼ -2 (-17%)
3	powershell	9	▼ -1 (-11%)
4	Microsoft	8	▼ -2 (-25%)
5	Campaign	8	▼ -2 (-25%)
6	Windows	7	▼ -2 (-29%)
7	c&c	7	▼ -3 (-43%)
8	Report	6	▼ -5 (-83%)
9	IoC	6	▼ -4 (-67%)
10	Distribution	6	▲ 1 (17%)
11	Advertising	5	▲ 1 (20%)
12	Russia	5	▲ 2 (40%)
13	United States	5	▼ -3 (-60%)
14	Update	5	▲ 2 (40%)
15	Phishing	5	▼ -6 (-120%)
16	Vulnerability	4	▼ -4 (-100%)
17	GameoverP2P	4	- 0 (0%)
18	target	4	▲ 1 (25%)
19	Email	4	▲ 1 (25%)
20	South Korea	3	- 0 (0%)
21	Browser	3	- 0 (0%)
22	Exploit	3	▼ -3 (-100%)
23	Kaspersky	3	▼ -1 (-33%)
24	Victim	3	▼ -5 (-167%)
25	Ucraina	3	▲ 1 (33%)
26	Android	3	- 0 (0%)
27	Government	3	▲ 1 (33%)
28	Social Engineering	3	- 0 (0%)
29	attack	3	- 0 (0%)
30	Java	2	▼ -4 (-200%)
31	Linux	2	▼ -1 (-50%)
32	GitHub	2	▼ -3 (-150%)
33	Stealer	2	▼ -4 (-200%)
34	Criminal	2	▼ -1 (-50%)
35	Cryptocurrency	2	▲ 1 (50%)
36	WMI	2	▲ new
37	Operation	2	▼ -2 (-100%)
38	Germany	2	▲ 1 (50%)
39	Taiwan	2	- 0 (0%)
40	Japan	2	▼ -1 (-50%)
41	VBS	2	▲ 1 (50%)
42	Software	2	- 0 (0%)
43	Rhadamanthys	2	▲ new
44	DCRat	2	▲ 1 (50%)
45	NetWireRC	2	▼ -3 (-150%)
46	Telegram	2	▼ -1 (-50%)
47	North Korea	2	▼ -1 (-50%)
48	Australia	2	▲ 1 (50%)
49	China	2	- 0 (0%)
50	abusech	1	- 0 (0%)
51	httpstcowaThl	1	▲ new
52	Binance	1	▲ new
53	nw	1	▲ new
54	braineecomau	1	▲ new
55	Twitter	1	▼ -4 (-400%)
56	JAMESWTWT	1	▲ new
57	6017257934	1	▲ new
58	DHLSADE	1	▲ new
59	EDR	1	▲ new
60	IcedID	1	▼ -1 (-100%)
61	German	1	▲ new
62	bbc	1	▲ new
63	Malicious Traffic	1	▲ new
64	RAR	1	▲ new
65	Quiroga	1	▲ new
66	LinkedIn	1	▼ -5 (-500%)
67	Ransomware	1	▼ -2 (-200%)
68	기능	1	▲ new
69	윈도우	1	▲ new
70	httpstcooQxkcaRnq	1	▲ new
71	httpsnationaldefensecollegecomcontentkkvbs	1	▲ new
72	bca	1	▲ new
73	stage	1	▲ new
74	Next	1	▲ new
75	ComputerN	1	▲ new
76	VPN	1	- 0 (0%)
77	Rapid7	1	▲ new
78	Black Basta	1	▲ new
79	Malvertising	1	▲ new
80	VMware	1	▲ new
81	From	1	▲ new
82	Uruguay	1	▲ new
83	CVvbs	1	▲ new
84	정보	1	▲ new
85	Luciana	1	▲ new
86	Researchers	1	▲ new
87	PteroLNK	1	▲ new
88	Gamaredon	1	▲ new
89	Pteranodon	1	▲ new
90	intelligen	1	▲ new
91	Low	1	- 0 (0%)
92	CVSS	1	▲ new
93	공격	1	▲ new
94	sophisticated	1	▲ new
95	Chrome	1	▼ -1 (-100%)
96	Naver	1	▼ -1 (-100%)
97	Kimsuky	1	▼ -2 (-200%)
98	Deobfuscation	1	- 0 (0%)
99	StegoCampaign	1	- 0 (0%)
100	REFINERY	1	- 0 (0%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
GameoverP2P		4 (26.7%)
Rhadamanthys		2 (13.3%)
DCRat		2 (13.3%)
NetWireRC		2 (13.3%)
IcedID		1 (6.7%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Gamaredon		1 (50%)
Kimsuky		1 (50%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		8 (32%)
Phishing		5 (20%)
Exploit		3 (12%)
Social Engineering		3 (12%)
Stealer		2 (8%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Microsoft		8 (15.7%)
Russia		5 (9.8%)
United States		5 (9.8%)
South Korea		3 (5.9%)
Kaspersky		3 (5.9%)

Threat info

Last 5

SNS

(Total : 6)

Total keyword

VBScript Attacker Rhadamanthys powershell DCRat Malware NetWireRC IoC VBS

No	Title	Date
1	MalwareHunterTeam @malwrhunterteam Next stage, "kk.vbs": bca5f50de8d565deb2bf7a3cc7d22fb743845135ab3195444365fcad2b12ea7a From: https://nationaldefensecollege.com/content/kk.vbs https://t.co/oQxkcaRnq2	2025.04.26
2	MalwareHunterTeam @malwrhunterteam "Luciana Quiroga CV.vbs" seen from Uruguay: 80ebc03ac8cb2e89d5295bc54ac6897d793f9bbff15d2d8a7a19974f6aea581a From: https://www.dropbox.com/scl/fi/fpjvgs48ibkv7jujnyt09/CV-Quiroga-Luciana.vbs?rlkey=gba4zghqe1dii920v2orupu6a&st=by84lq86&dl=1 @1ZRR4H https://t.co/g3LL3jtJ14	2025.04.18
3	Yogesh Londhe @suyog41 DHL_SADE2_Draft_Documents_ref#6017257934.vbs bbc553df54fb0186458b3337a04e5f9f n/w brainee.com.au #IOC https://t.co/yTfesIegtG	2025.04.14
4	Szabolcs Schmidt @smica83 Low detected VBS @abuse_ch https://t.co/waThl17u5x @JAMESWT_WT https://t.co/A95Ay3kmJL	2025.04.13
5	Cyber_OSINT @Cyber_O51NT Acronis TRU reveals a sophisticated malware delivery chain involving a RAR file, a fake summons, and scripts to deploy DCRat & Rhadamanthys, highlighting how attackers bypass defenses using VBS, batch, and PowerShell. #cybersecurity #malware https://t.co/EXOAKH0CSU	2025.04.02

News

(Total : 11)

Total keyword

VBScript Malware Microsoft Campaign Windows c&c powershell Report Distribution Attacker IoC Advertising United States Russia Phishing Update GameoverP2P target Email Vulnerability Android Social Engineering Exploit Ucraina Browser Kaspersky South Korea Government Victim attack Taiwan North Korea China Operation Linux Telegram Japan GitHub Stealer Criminal Australia Germany Software Java WMI Cryptocurrency Malicious Traffic EDR German Binance IcedID Malvertising Twitter Ransomware 윈도우 VBS VPN Rapid7 Black Basta LinkedIn VMware Cloudflare Gamaredon Pteranodon intelligence United Kingdom France Italy Canada Kimsuky Naver Chrome Firefox Trojan Tor DDNS payment DDoS CVSS YouTube Microsoft Edge Remote Code Execution XSS ...

No	Title	Date
1	윈도우 11 보안 기능 VBS Enclaves가 일부 시스템에서 더 이상 사용되지 않음 - Malware.News	2025.04.28
2	Inside Black Basta: Ransomware Resilience and Evolution After the Leak - Malware.News	2025.04.18
3	Gamaredon’s PteroLNK VBScript Malware Infrastructure and TTPs Uncovered by Researchers - Malware.News	2025.04.17
4	Monthly Threat Actor Group Intelligence Report, February 2025 (ENG) - Malware.News	2025.04.16
5	Threat actors misuse Node.js to deliver malware and other malicious payloads - Malware.News	2025.04.16

Additional information

No	Title	Date
1	28th April – Threat Intelligence Report - Malware.News	2025.04.28
2	Navigating Through The Fog - Malware.News	2025.04.28
3	Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology	2025.04.28
4	Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News	2025.04.26
5	Threat Hunting: For what, when, and how? - Malware.News	2025.04.26
View only the last 5

No	Title	Date
1	윈도우 11 보안 기능 VBS Enclaves가 일부 시스템에서 더 이상 사용되지 않음 - Malware.News	2025.04.28
2	Inside Black Basta: Ransomware Resilience and Evolution After the Leak - Malware.News	2025.04.18
3	Inside Black Basta: Ransomware Resilience and Evolution After the Leak - Malware.News	2025.04.18
4	Gamaredon’s PteroLNK VBScript Malware Infrastructure and TTPs Uncovered by Researchers - Malware.News	2025.04.17
5	Monthly Threat Actor Group Intelligence Report, February 2025 (ENG) - Malware.News	2025.04.16
View only the last 5

No data

No	URL	CC	ASN Co	Reporter	Date
1	http://146.19.207.4/tiktok.txt vbscript	FR		Riordz	2025.02.15

Beta Service, If you select keyword, you can check detailed information.