Summary: 2025/04/28 10:52

Inquiry period : 2025/04/21 10:51 ~ 2025/04/28 10:51 (7 days), 2,099 search results


The Top 5 related keywords that rose compared with the previous period are attack, Victim, Software, intelligence, and Education.
In addition, SAP appears as a new keyword.

 * Top 3 recent news articles:
    ㆍ 2025/04/28 Navigating Through The Fog
    ㆍ 2025/04/28 SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics, (Sun, Apr 27th)
    ㆍ 2025/04/28 Update: oledump.py Version 0.0.80

Trend graph by period

Total number of trend targets


Related keyword cloud
Top 100

# Trend Count Comparison
1 Malware 344 ▼ -33 (-10%)
2 Report 193 ▼ -12 (-6%)
3 attack 188 ▲ 2 (1%)
4 Ransomware 159 ▼ -12 (-8%)
5 target 145 ▼ -31 (-21%)
6 Update 144 ▼ -32 (-22%)
7 United States 133 ▼ -38 (-29%)
8 Alert 123 ▼ -2 (-2%)
9 Victim 115 ▲ 14 (12%)
10 Software 112 ▲ 1 (1%)
11 Campaign 110 ▼ -21 (-19%)
12 Exploit 110 ▼ -11 (-10%)
13 Microsoft 100 ▼ -16 (-16%)
14 MWNEWS 92 ▼ -48 (-52%)
15 intelligence 88 ▲ 4 (5%)
16 Vulnerability 86 ▼ -41 (-48%)
17 RCE 84 ▼ -32 (-38%)
18 Education 80 ▲ 9 (11%)
19 Google 79 ▲ 18 (23%)
20 hacking 72 ▼ -12 (-17%)
21 Operation 71 ▼ -8 (-11%)
22 AI 71 ▼ -10 (-14%)
23 Phishing 67 ▼ -28 (-42%)
24 Kaspersky 64 ▲ 1 (2%)
25 South Korea 64 ▲ 1 (2%)
26 China 61 ▼ -41 (-67%)
27 Alleged 58 ▲ 7 (12%)
28 North Korea 56 ▲ 17 (30%)
29 Advertising 56 ▼ -9 (-16%)
30 DDoS 55 ▼ -1 (-2%)
31 Email 53 ▼ -6 (-11%)
32 threat 52 ▼ -12 (-23%)
33 Windows 50 ▼ -28 (-56%)
34 Dark 43 ▼ -7 (-16%)
35 Government 41 ▼ -11 (-27%)
36 Criminal 38 ▼ -11 (-29%)
37 Data 37 ▲ 14 (38%)
38 Russia 36 ▼ -11 (-31%)
39 Stealer 35 ▲ 3 (9%)
40 Linux 34 ▼ -10 (-29%)
41 access 34 ▼ -1 (-3%)
42 NetWireRC 34 ▼ -16 (-47%)
43 DarkWeb 34 ▼ -1 (-3%)
44 Japan 33 ▲ 19 (58%)
45 securityaffairs 33 ▼ -3 (-9%)
46 c&c 32 ▼ -15 (-47%)
47 Browser 32 ▲ 4 (13%)
48 India 30 ▲ 9 (30%)
49 Breach 30 ▲ 6 (20%)
50 Germany 30 ▲ 17 (57%)
51 Sicherheitsnews 30 ▲ 1 (3%)
52 taegliche 29 ▲ 1 (3%)
53 Zusammenfassung 29 - 0 (0%)
54 Cryptocurrency 29 ▲ 8 (28%)
55 ZeroDay 29 ▲ 2 (7%)
56 APT 27 ▲ 10 (37%)
57 Group 27 ▼ -4 (-15%)
58 Last 27 ▼ -1 (-4%)
59 April 27 ▲ 13 (48%)
60 IoC 26 ▼ -4 (-15%)
61 Recorded Future 26 ▲ 9 (35%)
62 RSAC 26 ▲ 17 (65%)
63 ChatGPT 26 ▼ -13 (-50%)
64 httpstco 26 ▼ -9 (-35%)
65 von 26 ▼ -8 (-31%)
66 Distribution 26 ▲ 6 (23%)
67 dprk 25 ▲ 4 (16%)
68 Schwachstellen 25 ▼ -2 (-8%)
69 Sale 25 ▲ 8 (32%)
70 Schwachstelle 25 ▲ 6 (24%)
71 sample 25 ▲ 14 (56%)
72 Ucraina 24 ▼ -5 (-21%)
73 Android 23 ▼ -13 (-57%)
74 Password 23 ▼ -1 (-4%)
75 Team 22 ▼ -7 (-32%)
76 Future 22 ▲ 10 (45%)
77 Artikel 22 ▲ 6 (27%)
78 CISA 22 ▼ -27 (-123%)
79 C2 21 ▼ -5 (-24%)
80 MFA 20 ▲ 9 (45%)
81 Record 20 ▲ 10 (50%)
82 cve 20 ▼ -27 (-135%)
83 Storm 20 ▲ 5 (25%)
84 cti 20 ▲ 4 (20%)
85 United Kingdom 19 ▼ -6 (-32%)
86 payment 19 ▲ 2 (11%)
87 Lazarus 19 ▲ 13 (68%)
88 NortonLifeLock 19 ▲ 2 (11%)
89 Mehrere 19 - 0 (0%)
90 ThreatProtection 19 - 0 (0%)
91 Chrome 18 ▲ 3 (17%)
92 SAP 18 ▲ new
93 Europe 18 ▼ -18 (-100%)
94 GitHub 17 ▼ -4 (-24%)
95 WhatsApp 17 ▼ -8 (-47%)
96 Asia 17 ▲ 15 (88%)
97 Register 17 ▼ -9 (-53%)
98 YouTube 16 ▲ 2 (13%)
99 North 16 ▲ 8 (50%)
100 Social Engineering 16 - 0 (0%)
Special keyword group
Top 5

Malware Type

This is the type of malware that is becoming an issue.


Keyword Average Label
Ransomware 159 (39.8%)
NetWireRC 34 (8.5%)
Vawtrak 12 (3%)
Lumma 10 (2.5%)
GameoverP2P 9 (2.3%)
Attacker & Actors

These are the attackers or attack groups that are becoming an issue.


Keyword Average Label
Lazarus 19 (25.7%)
Kimsuky 14 (18.9%)
Tick 5 (6.8%)
Storm-1977 5 (6.8%)
LOTUS PANDA 3 (4.1%)
Attack technique
Technique

This is an attack technique that is becoming an issue.


Keyword Average Label
Campaign 110 (16.8%)
Exploit 110 (16.8%)
RCE 84 (12.9%)
hacking 72 (11%)
Phishing 67 (10.3%)
Country & Company

This is a country or company that is an issue.


Keyword Average Label
United States 133 (10%)
Microsoft 100 (7.5%)
Google 79 (6%)
Kaspersky 64 (4.8%)
South Korea 64 (4.8%)
Malware Type
Top 5

Detailed trend analysis by malware type.

Threat info
Last 5

SNS

(Total : 1103)

1 FalconFeeds.io @FalconFeedsio
NightSpire Ransomware Alert: Sisnet Consultores. Sisnet Consultores (https://t.co/qhfcao6KLu), a Costa Rican IT company specializing in software development, consulting, and digital transformation services, has fallen victim to NightSpire ransomware. Key Details: https
2025.04.27
2 Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
eXch has been removed from the DWI platform and DarkWatchCTI repository. Reason: Shut down. https://exch.cx http://hszyoqwrcp7cxlxnqmovp6vjvmnwj33g4wviuxqzq47emieaxjaperyd.onion https://t.co/u0nRCsY3I0
2025.04.27
3 Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
Vouch! https://t.co/xRHbgZ8kR9
2025.04.27
4 Cyber_OSINT @Cyber_O51NT
MTN Group disclosed a data breach that exposed subscribers' personal information but assured that core systems remain secure; they urge customers to stay vigilant and report any suspicious activity. #MTN #DataBreach https://t.co/amrhpHEapi
2025.04.27
5 Cyber_OSINT @Cyber_O51NT
Mustang Panda has emerged with new TTPs, utilizing advanced tools like ToneShell and StarProxy to target government, military, and NGOs in Myanmar and East Asia, employing evasion techniques for espionage. #CyberSecurity #MustangPanda https://t.co/lnUfK40xXG
2025.04.27

News

(Total : 988)

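1 Hearing Care Hearing Aid Center holds ‘A World You Can Begin to Hear Again’ event - Dailysecu 2025.04.28
2 엠포플러스 puts its dedicated election text-message service ‘한표문자’ into full operation ahead of the 2025 presidential election - Dailysecu 2025.04.28
3 Navigating Through The Fog - Malware.News 2025.04.28
4 SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics, (Sun, Apr 27th) - Malware.News 2025.04.28
5 Hycore successfully concludes the ‘2025 Hycore Cup Korea Wheelchair Curling League’ - Dailysecu 2025.04.28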

Additional information

No Title Date
1 Navigating Through The Fog - Malware.News 2025.04.28
2 Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology 2025.04.28
3 Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News 2025.04.26
4 Threat Hunting: For what, when, and how? - Malware.News 2025.04.26
5 Detection Engineering Fundamentals: What makes a good alert? - Malware.News 2025.04.26
Level Description
warning File has been identified by 21 AntiVirus engines on VirusTotal as malicious
watch Communicates with host for which no DNS query was performed
watch Network communications indicative of a potential document or script payload download was initiated by the process powershell.exe
notice Allocates read-write-execute memory (usually to unpack itself)
notice Checks adapter addresses which can be used to detect virtual network interfaces
notice HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice One or more potentially interesting buffers were extracted
notice Performs some HTTP requests
notice Poweshell is sending data to a remote host
notice URL downloaded by powershell script
info Checks amount of memory in system
info Command line console output was observed
info Queries for the computername
info Uses Windows APIs to generate a cryptographic key
Network ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
Network ET INFO Executable Download from dotted-quad Host
Network ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
Network ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
Network ET POLICY PE EXE or DLL Windows file download HTTP
No Category URL CC ASN Co Date
1 malicious https://booking.secure-partener.com/ US US CLOUDFLARENET 2025.04.28
2 malicious https://booking.secure-partener.com/sign-in US US CLOUDFLARENET 2025.04.28
3 malware http://185.39.17.70/zgrnf/ckuh.exe RU RU Joint Stock Company Tagnet 2025.04.28
4 malicious https://secure-partener.com/ US US CLOUDFLARENET 2025.04.28
5 malware http://88.214.48.26/tpnl98/ret.exe RU RU 2025.04.28
No URL CC ASN Co Reporter Date
1 http://88.129.243.87:52515/bin.sh
32-bit elf mips Mozi
SE SE A3 Sverige AB geenensp 2025.04.28
2 http://1.69.100.42:56786/bin.sh
32-bit arm elf Mozi
CN CN No.31,Jin-rong Street geenensp 2025.04.28
3 http://222.142.237.34:36490/i
32-bit elf mips Mozi
CN CN CHINA UNICOM China169 Backbone geenensp 2025.04.28
4 http://117.95.165.146:47995/i
32-bit arm elf Mozi
CN CN No.31,Jin-rong Street geenensp 2025.04.28
5 https://u1.pridefulamaretto.digital/gra0u4wd15.bip
ClearFake
US US anonymous 2025.04.28