popup

Cyber Threat Trends

  1. Day Month

Gemelli flickerflypro flickerfly

Summary: 2025/04/28 18:49

First reported date: 2014/08/04
Inquiry period : 2025/04/21 18:49 ~ 2025/04/28 18:49 (7 days), 21 search results

전 기간대비 -19% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Nanocore Campaign Malware Update 입니다.
악성코드 유형 DslogdRAT GootLoader 도 새롭게 확인됩니다.
공격자 UNC5221 도 새롭게 확인됩니다.
공격기술 Phishing Webshell apt Exploit 도 새롭게 확인됩니다.
기관 및 기업 Microsoft CISA Google Japan 도 새롭게 확인됩니다.
기타 IP ThreatProtection microsoftftpserveftpcom Proxy time 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/24 DslogdRAT Malware Installed in Ivanti Connect Secure

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1C2 21 ▼ -4 (-19%)
2c&c 19 ▼ -6 (-32%)
3NetWireRC 8 ▼ -4 (-50%)
4njRAT 7 ▼ -5 (-71%)
5Nanocore 4 ▲ 2 (50%)
6live 4 ▼ -1 (-25%)
7IP 4 ▲ new
8Campaign 3 ▲ 1 (33%)
9Malware 3 ▲ 1 (33%)
10Update 2 ▲ 1 (50%)
11ThreatProtection 1 ▲ new
12Microsoft 1 ▲ new
13microsoftftpserveftpcom 1 ▲ new
14server 1 - 0 (0%)
15DslogdRAT 1 ▲ new
16Proxy 1 ▲ new
17time 1 ▲ new
18shell 1 ▲ new
19cyberthreat 1 ▲ new
20UNC5221 1 ▲ new
21Password 1 ▲ new
22Operation 1 - 0 (0%)
23proton66 1 ▲ new
24XWorm 1 - 0 (0%)
25Proton 1 ▲ new
26plenoryvantyxeu 1 ▲ new
27h4rmsw4yX 1 ▲ new
28thorscanner 1 ▲ new
29teamevaluatingglatplygg 1 ▲ new
30amp 1 ▲ new
31Lazarus 1 - 0 (0%)
32evolution 1 ▲ new
33biamiraqorg 1 ▲ new
34infrastructure 1 ▲ new
35DNS 1 ▲ new
36Forward 1 ▲ new
37GootLoader 1 ▲ new
38Phishing 1 ▲ new
39NortonLifeLock 1 ▲ new
40target 1 - 0 (0%)
41hub 1 ▲ new
42attack 1 ▲ new
43Advertising 1 - 0 (0%)
44Webshell 1 ▲ new
45paperclip 1 ▲ new
46introductionsatisfyglatplygg 1 ▲ new
47internetsearchviewdnsnet 1 ▲ new
48manufacturerviewingglatplygg 1 ▲ new
49SideWinder 1 ▲ new
50apt 1 ▲ new
51IoC 1 - 0 (0%)
52Promotion 1 ▲ new
53Grade 1 ▲ new
54IIIdocx 1 ▲ new
55httpstcoUrkESIP 1 ▲ new
56rayishim 1 ▲ new
57httpsfancyhill 1 ▲ new
58https 1 ▲ new
59content 1 ▲ new
60panelthrownglatplygg 1 ▲ new
61RCE 1 - 0 (0%)
62China 1 ▼ -1 (-100%)
63intelligence 1 ▲ new
64CISA 1 ▲ new
65Google 1 ▲ new
66Exploit 1 ▲ new
67ZeroDay 1 ▲ new
68Japan 1 ▲ new
69recommendedcollinsglatplygg 1 ▲ new
70Report 1 ▲ new
71Vulnerability 1 ▲ new
72naumovax 1 ▲ new
73same 1 - 0 (0%)
74dl 1 ▲ new
75hiesa 1 ▲ new
76sample 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
NetWireRC
8 (36.4%)
njRAT
7 (31.8%)
Nanocore
4 (18.2%)
DslogdRAT
1 (4.5%)
XWorm
1 (4.5%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
UNC5221
1 (50%)
Lazarus
1 (50%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Campaign
3 (37.5%)
Phishing
1 (12.5%)
Webshell
1 (12.5%)
apt
1 (12.5%)
RCE
1 (12.5%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
Microsoft
1 (20%)
China
1 (20%)
CISA
1 (20%)
Google
1 (20%)
Japan
1 (20%)
Threat info
Last 5

SNS

(Total : 20)
  Total keyword

C2 c&c njRAT NetWireRC Nanocore Malware Campaign GootLoader XWorm Phishing DNS Lazarus Update Microsoft SideWinder apt IoC

No Title Date
1SarlackLab @SarlackLab
#njrat #C2 server 94.26.90.81:6666 confirmed 2025-04-26		2025.04.27
2MalwareHunterTeam @malwrhunterteam
@elslahaty @3onine @thor_scanner @h4rmsw4yX This sample is related to the 85.239.62.36 C2 IP: 236ff897dee7d21319482cd67815bd22391523e37e0452fa230813b30884a86f From: http://154.91.0.103:27017/download/tyu/3cev.py https://t.co/pEjvFhDxpr		2025.04.26
3SarlackLab @SarlackLab
#njrat #C2 server 147.185.221.27:31185 team-evaluating.gl.at.ply.gg confirmed 2025-04-26		2025.04.26
4blackorbird @blackorbird
The evolution of Lazarus malware & C2 Infrastructure Update https://t.co/30TBuYQsxA https://t.co/AKtTQ1r9Yp		2025.04.25
5Threat Intelligence @threatintel
#ThreatProtection #Proton66 infrastructure, a hub for phishing, C2 ops and malware campaigns including GootLoader, SpyNote and XWorm. Read more about Symantec's protection: https://t.co/GeYC3ac1F5 #CyberThreat		2025.04.24

News

(Total : 1)
  Total keyword

NetWireRC intelligence C2 DslogdRAT UNC5221 Password Operation attack target Webshell RCE CISA Vulnerability Google Advertising Exploit ZeroDay Update Japan China Attacker c&c Campaign Report Malware

No Title Date
1DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News2025.04.24

Additional information

No Title Date
128th April – Threat Intelligence Report - Malware.News2025.04.28
2Navigating Through The Fog - Malware.News2025.04.28
3Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology2025.04.28
4Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News2025.04.26
5Threat Hunting: For what, when, and how? - Malware.News2025.04.26
View only the last 5
No data
No data
No Category URL CC ASN Co Date
1malwarehttps://mira-store.com/runday2020.07.03
No URL CC ASN Co Reporter Date
1http://59.88.23.194:49027/Mozi.m
c2 Mozi 		IN INNational Internet Backbonestopransom2025.03.27
2http://cobolrationumelawrtewarms.com/3ofn3jf3e2ljk/Plugins/cred.dll
Amadey c2 dll 		US USPONYNETabus3reports2025.03.02
3http://cobolrationumelawrtewarms.com/3ofn3jf3e2ljk/Plugins/cred64.dll
Amadey c2 dll 		US USPONYNETabus3reports2025.03.02
4http://cobolrationumelawrtewarms.com/3ofn3jf3e2ljk/Plugins/clip64.dll
Amadey c2 dll 		US USPONYNETabus3reports2025.03.02
5http://cobolrationumelawrtewarms.com/3ofn3jf3e2ljk/Plugins/clip.dll
Amadey c2 dll 		US USPONYNETabus3reports2025.03.02
View only the last 5
Beta Service, If you select keyword, you can check detailed information.