Cyber Threat Trends

Summary: 2025/04/28 20:01

First reported date: 2012/03/26
Inquiry period : 2025/04/21 20:00 ~ 2025/04/28 20:00 (7 days), 25 search results

전 기간대비 32% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 apt Campaign attack North Korea dprk 입니다.
악성코드 유형 LPEClient NetWireRC RokRAT 도 새롭게 확인됩니다.
공격자 SideCopy APT37 도 새롭게 확인됩니다.
공격기술 Spear Phishing Stealer Backdoor 도 새롭게 확인됩니다.
기관 및 기업 Government South Korea India Japan Google Trend Micro United States Egypt 도 새롭게 확인됩니다.
기타 IoC Earth Kurma Chinalinked amp 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
ㆍ 2025/04/25 Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
ㆍ 2025/04/25 Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	apt	25	▲ 8 (32%)
2	Campaign	22	▲ 9 (41%)
3	attack	6	▲ 5 (83%)
4	Malware	6	- 0 (0%)
5	Government	5	▲ new
6	North Korea	4	▲ 1 (25%)
7	dprk	4	▲ 1 (25%)
8	Report	4	▼ -2 (-50%)
9	target	4	▲ 1 (25%)
10	IoC	4	▲ new
11	Update	4	▲ 3 (75%)
12	China	3	▼ -1 (-33%)
13	hacking	3	▲ 2 (67%)
14	securityaffairs	3	▲ 2 (67%)
15	Kimsuky	3	▲ 1 (33%)
16	Lazarus	3	▲ 1 (33%)
17	Earth	3	▲ new
18	Kurma	3	▲ new
19	South Korea	3	▲ new
20	Chinalinked	2	▲ new
21	India	2	▲ new
22	amp	2	▲ new
23	Infra	2	▲ new
24	Southeast	2	▲ new
25	espionage	2	▲ new
26	sample	2	▲ 1 (50%)
27	Exploit	2	- 0 (0%)
28	synchole	2	▲ new
29	BlueKeep	2	▲ new
30	Recent	2	▲ 1 (50%)
31	Billbug	2	▲ new
32	multiple	2	▲ new
33	SideWinder	2	▲ new
34	httpsgofinanciallycomimagesupload	2	▲ new
35	RDP	2	▲ new
36	flaw	2	▲ new
37	Kaspersky	2	- 0 (0%)
38	Japan	2	▲ new
39	SideCopy	2	▲ new
40	cti	1	▼ -2 (-200%)
41	signbt	1	▲ new
42	threatneedle	1	▲ new
43	LPEClient	1	▲ new
44	innorix	1	▲ new
45	Google	1	▲ new
46	toolset	1	▲ new
47	crossex	1	▲ new
48	hole	1	▲ new
49	agamemnon	1	▲ new
50	South	1	▲ new
51	MSC	1	▲ new
52	Asia	1	▲ new
53	Hash	1	▲ new
54	Decoy	1	▲ new
55	d48032d835c95af816fbcea6e659cdbe	1	▲ new
56	Phishing	1	▼ -2 (-200%)
57	Spear Phishing	1	▲ new
58	NSFOCUS	1	▲ new
59	March	1	▲ new
60	Konni	1	- 0 (0%)
61	Alert	1	▲ new
62	VT	1	▲ new
63	comment	1	▲ new
64	Trend Micro	1	▲ new
65	United States	1	▲ new
66	Supply chain	1	▲ new
67	DLs	1	▲ new
68	Operation	1	- 0 (0%)
69	Egypt	1	▲ new
70	PDF	1	▲ new
71	Limited	1	▲ new
72	LNK	1	▲ new
73	Grade	1	▲ new
74	group	1	- 0 (0%)
75	Query	1	▲ new
76	statelytaurus	1	▲ new
77	MustangPanda	1	▲ new
78	Fofa	1	▲ new
79	C2	1	▲ new
80	IIIdocx	1	▲ new
81	Promotion	1	▲ new
82	Panda	1	- 0 (0%)
83	Interactive	1	▲ new
84	letter	1	▲ new
85	Invitation	1	▲ new
86	Reference	1	▲ new
87	Stealer	1	▲ new
88	Backdoor	1	▲ new
89	Lotus	1	▲ new
90	key	1	▲ new
91	Patchwork	1	▲ new
92	과세표준	1	▲ new
93	NetWireRC	1	▲ new
94	df5ba1678a4bf515536c0e622a2f97c597927e01bb674a648d82bbdd797425d9	1	▲ new
95	RokRAT	1	▲ new
96	APT37	1	▲ new
97	Suspicious	1	▲ new
98	신고	1	▲ new
99	확정	1	▲ new
100	종합소득세	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
LPEClient		1 (25%)
Konni		1 (25%)
NetWireRC		1 (25%)
RokRAT		1 (25%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Kimsuky		3 (30%)
Lazarus		3 (30%)
SideCopy		2 (20%)
APT37		1 (10%)
LOTUS PANDA		1 (10%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
apt		25 (43.9%)
Campaign		22 (38.6%)
hacking		3 (5.3%)
Exploit		2 (3.5%)
Phishing		1 (1.8%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Government		5 (17.2%)
North Korea		4 (13.8%)
dprk		4 (13.8%)
China		3 (10.3%)
South Korea		3 (10.3%)

Threat info

Last 5

SNS

(Total : 23)

Total keyword

apt Campaign attack dprk Malware Report North Korea Update IoC hacking Government Kimsuky China Lazarus South Korea SideCopy Kaspersky target India BlueKeep SideWinder Japan Exploit Backdoor LPEClient Google Supply chain Egypt Phishing Spear Phishing Operation Konni Software hijack Chrome LOTUS PANDA C2 Attacker NetWireRC RokRAT APT37 Stealer c&c ...

No	Title	Date
1	Ginkgo @ginkgo_g ???? waves Found another #APT sample like this! ???? Hash: 667549ae95d4e0d8d04892f5246173bf ???? URL: https://gofinancially.com/images/upload/0424.png Would anyone be sweet enough to share if they've grabbed the payload? ???? I'd be super grateful! ???? https://t.co/qs8aehktJz https://t.co/KSAqeI4	2025.04.28
2	JangPro @JangPr0 #APT #DPRK d48032d835c95af816fbcea6e659cdbe Decoy: NTS_eTaxInvoice.html.lnk https://deliberatecollaboration.com/wp-includes/js/src/get.php & upload.php & list.php similar https://t.co/rldVG2Syaw https://t.co/ZKJcng4RBL	2025.04.28
3	Cyber_OSINT @Cyber_O51NT In March 2025, NSFOCUS reported 19 APT attacks primarily targeting government agencies in South Asia and East Asia, with spear phishing accounting for 79% of incidents, highlighting the ongoing threat from groups like Bitter and Lazarus. #CyberSecurity https://t.co/EcOmYPGKC4	2025.04.27
4	Ginkgo @ginkgo_g #Konni #APT https://t.co/R6oBhwFMze	2025.04.25
5	Cyber_OSINT @Cyber_O51NT A recent report reveals that the Earth Kurma APT campaign is actively targeting Southeast Asian government and telecom sectors using advanced malware and cyberespionage techniques. #Cybersecurity #APT https://t.co/afQWXKIEc4	2025.04.25

News

(Total : 2)

Total keyword

Malware Campaign Government target APT United States Trend Micro

No	Title	Date
1	Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors - Malware.News	2025.04.25
2	Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors - TrendMicro	2025.04.25

Additional information

No	Title	Date
1	Top Tier Target \| What It Takes to Defend a Cybersecurity Company from Today’s Adversaries - Malware.News	2025.04.28
2	28th April – Threat Intelligence Report - Malware.News	2025.04.28
3	Navigating Through The Fog - Malware.News	2025.04.28
4	Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology	2025.04.28
5	Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News	2025.04.26
View only the last 5

No	Title	Date
1	Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors - Malware.News	2025.04.25
2	APT Group Profiles – Larva-24005 - ASEC BLOG	2025.04.14
3	March 2025 APT Group Trends (South Korea) - Malware.News	2025.04.10
4	March 2025 APT Group Trends (South Korea) - ASEC BLOG	2025.04.09
5	카스퍼스키 “진화하는 APT·랜섬웨어 대응 위해 위협 인텔리전스 기반 선제적 전략 필요” - 데일리시큐	2025.03.26
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	x64.exe Emotet Swrort Generic Malware Armageddon APT [C] All Process Malicious Library UPX Malicious Packer Antivirus Anti_VM PE File PE32 OS Processor Check DLL PE64 ftp MZP Format	e4b9f59c60edde996ac3c2d2b133dbf7	52359	2024.08.05
2	NINJA.exe Generic Malware Armageddon APT [C] All Process UPX PE32 PE File GIF Format	9e870f801dd759298a34be67b104d930	36555	2023.01.28
3	sheet.exe Formbook RAT PWS .NET framework Generic Malware Hide_EXE [C] All Process Armageddon APT Malicious Library UPX Malicious Packer AntiDebug AntiVM PE32 PE File OS Processor Check .NET EXE	1451ed9b5629e22afbde901d932f4bfc	32641	2022.09.26
4	采购订单要求 & 绘图样本..exe RAT Generic Malware [C] All Process Armageddon APT task schedule Malicious Library UPX Malicious Packer AntiDebug AntiVM PE32 OS Processor Check PE File .NET EXE GIF Format	c56268bd887cf060acae169c64e60a49	32131	2022.09.20
5	t-d.exe Armageddon APT WinRAR AntiDebug AntiVM PE File OS Processor Check PE32	95939e9f316d9e5d38e453b5f6095fcd	12579	2021.06.24
View only the last 5

Level	Description
danger	File has been identified by 56 AntiVirus engines on VirusTotal as malicious
notice	Creates executable files on the filesystem
notice	Drops an executable to the user AppData folder
notice	The binary likely contains encrypted or compressed data indicative of a packer
info	The executable contains unknown PE section names indicative of a packer (could be a false positive)
info	The file contains an unknown PE resource name possibly indicative of a packer
info	This executable has a PDB path

No	Category	URL	CC	ASN Co	Date
1	c2	http://00701111.000webhostapp.com/wp-extra/show.php	US	...	2023.09.18

No	URL	CC	ASN Co	Reporter	Date
1	https://jpkinki.com/fjugm APT Kimsuky	US	CLOUDFLARENET	IdaNotPro	2025.03.26
2	https://www.dropbox.com/scl/fi/cnfhxf0nc3qxfklznh5na/zzJG_2.zip?rlkey=7t1et81enar4uvbb7nnk58m9b&st=2... APT Kimsuky zip	US	DROPBOX	abuse_ch	2025.02.12
3	https://www.dropbox.com/scl/fi/icvpzbx4vn6lcthva168z/zzJG.zip?rlkey=kntc36792grkm64xriqputbdq&st=px5... APT Kimsuky	US	DROPBOX	JAMESWT_MHT	2025.02.05
4	https://liuyi.neectar.info/hsdverd_3ed5d/mdswsourt_4rfs APT decoy Patchwork PDF	GB		abuse_ch	2025.01.22
5	https://liuyi.neectar.info/lksderdd_4dferd/jhdfer3s_jh3de APT exe Patchwork rustystealer	GB		abuse_ch	2025.01.22
View only the last 5

Beta Service, If you select keyword, you can check detailed information.