Summary: 2025/05/08 15:03

First reported date: 2014/07/19
Inquiry period: 2025/04/08 15:03 ~ 2025/05/08 15:03 (1 month), 18 search results

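The trend is 33% higher than in the previous period.
The top 5 related keywords that rose compared with the previous period are
Python, Malware, Campaign, Package.
The attack techniques Stealer, Phishing, RCE, hacking, Social Engineering, hijack are also newly identified.
The organizations and companies North Korea, Palo Alto Networks are also newly identified.
Other new keywords such as amp, Pentagon, Browser, Crypto, infostealer are also identified.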

 * Top 3 recent news articles:
    ㆍ 2025/05/06 Python InfoStealer with Embedded Phishing Webserver, (Tue, May 6th)
    ㆍ 2025/04/30 [UPDATE] [medium] Python: Vulnerability allows denial of service
    ㆍ 2025/04/30 [UPDATE] [medium] Python: Vulnerability allows manipulation of files

Related keyword cloud
Top 100

# | Trend | Count | Comparison
1 | Python | 18 | ▲ 6 (33%)
2 | Malware | 6 | ▲ 3 (50%)
3 | Stealer | 5 | ▲ new
4 | amp | 3 | ▲ new
5 | Pentagon | 3 | ▲ new
6 | Browser | 3 | ▲ new
7 | Crypto | 2 | ▲ new
8 | Update | 2 | ▼ -4 (-200%)
9 | infostealer | 2 | ▲ new
10 | Campaign | 2 | ▲ 1 (50%)
11 | Schwachstelle | 2 | ▼ -2 (-100%)
12 | Telegram | 2 | ▲ new
13 | Package | 2 | ▲ 1 (50%)
14 | North Korea | 2 | ▲ new
15 | Important | 1 | ▲ new
16 | Frameworks | 1 | ▲ new
17 | httpstcovSGE | 1 | ▲ new
18 | GREATEST | 1 | ▲ new
19 | TREMENDOUS | 1 | ▲ new
20 | great | 1 | ▲ new
21 | Golang | 1 | ▲ new
22 | Next | 1 | ▲ new
23 | malwrhunterteam | 1 | ▲ new
24 | Libraries | 1 | ▲ new
25 | Manipulation | 1 | - 0 (0%)
26 | von | 1 | ▼ -3 (-300%)
27 | Victim | 1 | ▲ new
28 | Pythons | 1 | ▲ new
29 | Built | 1 | ▲ new
30 | Hardware | 1 | ▲ new
31 | Webserver | 1 | ▲ new
32 | Embedded | 1 | ▲ new
33 | Phishing | 1 | ▲ new
34 | Dateien | 1 | ▼ -1 (-100%)
35 | attack | 1 | - 0 (0%)
36 | Artikel | 1 | - 0 (0%)
37 | Service | 1 | - 0 (0%)
38 | Denial | 1 | - 0 (0%)
39 | NortonLifeLock | 1 | ▲ new
40 | ThreatProtection | 1 | ▲ new
41 | DNS | 1 | ▲ new
42 | Braodo | 1 | ▲ new
43 | gt | 1 | ▲ new
44 | Discord | 1 | ▲ new
45 | GitHub | 1 | - 0 (0%)
46 | RCE | 1 | ▲ new
47 | Vulnerability | 1 | - 0 (0%)
48 | Exec | 1 | ▲ new
49 | Abusing | 1 | ▲ new
50 | CVE | 1 | ▲ new
51 | Alert | 1 | ▲ new
52 | LNK | 1 | ▲ new
53 | hacking | 1 | ▲ new
54 | Zipped | 1 | ▲ new
55 | URL | 1 | ▲ new
56 | Hackers | 1 | ▲ new
57 | Use | 1 | ▲ new
58 | Korean | 1 | ▲ new
59 | North | 1 | ▲ new
60 | Palo Alto Networks | 1 | ▲ new
61 | target | 1 | ▼ -1 (-100%)
62 | bit | 1 | ▲ new
63 | PHP | 1 | ▲ new
64 | little | 1 | ▲ new
65 | threatactor | 1 | ▲ new
66 | Social Engineering | 1 | ▲ new
67 | powerful | 1 | ▲ new
68 | Scraper | 1 | ▲ new
69 | Channel | 1 | ▲ new
70 | scripting | 1 | ▲ new
71 | Developers | 1 | ▲ new
72 | traditional | 1 | ▲ new
73 | recent | 1 | ▲ new
74 | hijack | 1 | ▲ new
75 | Fake | 1 | - 0 (0%)
76 | devs | 1 | ▲ new
77 | Targeted | 1 | ▲ new
78 | Lots | 1 | ▲ new

Special keyword group
Top 5

Malware Type

This is the type of malware that is becoming an issue.


No data.

Attacker & Actors

These are the attackers or attack groups that are becoming an issue.


Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.


Keyword Average Label
Stealer | 5 (41.7%)
Campaign | 2 (16.7%)
Phishing | 1 (8.3%)
RCE | 1 (8.3%)
hacking | 1 (8.3%)

Country & Company

This is a country or company that is an issue.


Keyword Average Label
North Korea | 2 (66.7%)
Palo Alto Networks | 1 (33.3%)

Threat info
Last 5

SNS

(Total : 12)
  Total keyword

Stealer Malware Browser Telegram Discord DNS GitHub Campaign CVE Vulnerability RCE hijack attack

No Title Date
1 ANY.RUN @anyrun_app
⚠️ Pentagon Stealer is an evolving malware with Python & Golang variants. It injects crypto wallets like Exodus to steal mnemonics and collects unencrypted browser cookies. See the attack chain and dive into our team’s in-depth technical analysis: https://t.co/0uDDZ5g9pQ https://t.co/O5ZSPQuNn
2025.05.02

2 Threat Intelligence @threatintel
#ThreatProtection #Pentagon Stealer: New Python and Go malware that targets browser creds, crypto wallets and app tokens. Read more about Symantec's protection: https://t.co/EmdIQr3e25 #Infostealer
2025.04.30

3 MalwareHunterTeam @malwrhunterteam
"The GREATEST, most TREMENDOUS Python package that makes importing great again!" "TARIFF is a fantastic tool that lets you impose import tariffs on Python packages. We're going to bring manufacturing BACK to your codebase by making foreign imports more EXPENSIVE!" https://t.co/bWXPChb9zA
2025.04.30

4 ANY.RUN @anyrun_app
⚠️ Pentagon is an evolving #malware with Python & Golang variants
 - Also known as Acab, Vilsa, and BLX
 - Bypasses DPAPI encryption in browsers via debug mode
 - Injects into Atomic/Exodus wallets to steal data
Read technical analysis from our team https://t.co/sp4RgkAElM
2025.04.29

5 Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
Important Python Libraries and Frameworks https://t.co/7PxFgVQzT4 https://t.co/vSGE0f7GRm
2025.04.29

Additional information

No data
No | URL | CC | ASN Co | Reporter | Date
1 | http://endurancefloorferqecrace.de:6382/MSVP.zip (opendir python zip) | NL | EK-Media B.V. | ge0lev | 2025.03.15
2 | http://endurancefloorferqecrace.de:6382/2KRBAX.zip (opendir python zip) | NL | EK-Media B.V. | ge0lev | 2025.03.15
3 | http://endurancefloorferqecrace.de:6382/FEMABR.zip (opendir python zip) | NL | EK-Media B.V. | ge0lev | 2025.03.15
4 | http://endurancefloorferqecrace.de:6382/1KRBAX.zip (opendir python zip) | NL | EK-Media B.V. | ge0lev | 2025.03.15
5 | http://49.161.128.226:8915/downloads/chrome.exe (python stealer) | KR | LG POWERCOMM | Riordz | 2025.01.31