popup

Cyber Threat Trends

  1. Day Month

Gemelli flickerflypro flickerfly

Summary: 2025/04/28 20:11

First reported date: 2009/11/11
Inquiry period : 2025/04/21 20:11 ~ 2025/04/28 20:11 (7 days), 79 search results

전 기간대비 22% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Google Malware Report attack Exploit 입니다.
악성코드 유형 NetWireRC 도 새롭게 확인됩니다.
공격기술 hacking Backdoor 도 새롭게 확인됩니다.
기관 및 기업 North Korea Splunk 북한 도 새롭게 확인됩니다.
기타 Blue Shield California thirdparty image 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/26 Is Detection Engineering just glorified googling?
    ㆍ 2025/04/26 Threat Hunting: For what, when, and how?
    ㆍ 2025/04/26 구글 안드로이드 기기 보안 강화 위해 자동 재시작 기능 도입

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1Google 79 ▲ 17 (22%)
2Malware 24 ▲ 9 (38%)
3Report 19 ▲ 13 (68%)
4attack 19 ▲ 13 (68%)
5Exploit 14 ▲ 9 (64%)
6Campaign 14 ▲ 9 (64%)
7Phishing 13 ▲ 8 (62%)
8Chrome 13 ▲ 5 (38%)
9Vulnerability 12 ▲ 7 (58%)
10Advertising 12 ▲ 6 (50%)
11target 12 ▲ 5 (42%)
12Update 12 ▼ -1 (-8%)
13Email 12 ▲ 6 (50%)
14Browser 11 ▲ 4 (36%)
15Software 9 ▼ -4 (-44%)
16Microsoft 9 ▲ 7 (78%)
17Mandiant 9 ▲ 8 (89%)
18Victim 8 ▲ 5 (63%)
19Criminal 7 ▲ 1 (14%)
20AI 7 ▼ -4 (-57%)
21intelligence 7 ▲ 1 (14%)
22United States 7 ▼ -4 (-57%)
23Blue 6 ▲ new
24Operation 6 ▲ 4 (67%)
25Cryptocurrency 6 ▲ 5 (83%)
26Shield 6 ▲ new
27Gmail 6 ▲ 5 (83%)
28RCE 5 - 0 (0%)
29China 5 ▲ 1 (20%)
30ZeroDay 5 ▲ 3 (60%)
31threat 4 ▲ 1 (25%)
32California 4 ▲ new
33Windows 4 ▲ 1 (25%)
34MFA 4 ▲ 2 (50%)
35Cloud 4 ▲ 1 (25%)
36Government 4 ▲ 2 (50%)
37ChatGPT 4 ▼ -4 (-100%)
38GitHub 4 ▲ 3 (75%)
39hacking 4 ▲ new
40Ransomware 3 - 0 (0%)
41hijack 3 - 0 (0%)
42Education 3 ▼ -3 (-100%)
43Linux 3 ▲ 2 (67%)
44Android 3 ▼ -7 (-233%)
45payment 3 - 0 (0%)
46thirdparty 3 ▲ new
47CISA 3 ▲ 2 (67%)
48구글 3 ▼ -1 (-33%)
49Russia 3 - 0 (0%)
50Password 3 ▲ 1 (33%)
51Lobshot 3 ▲ 2 (67%)
52Israel 3 ▲ 2 (67%)
53Search 3 ▲ 2 (67%)
54North Korea 3 ▲ new
55image 2 ▲ new
56sharp 2 ▲ new
57für 2 ▲ 1 (50%)
58Recorded Future 2 ▲ 1 (50%)
59SVG 2 ▲ new
60activity 2 ▲ new
61rise 2 ▲ 1 (50%)
62c&c 2 ▲ 1 (50%)
63IoC 2 ▲ 1 (50%)
64SOC 2 ▲ new
65MicrosoftEdge 2 ▲ new
66GoogleChrome 2 ▲ new
67Zero Trust 2 ▲ new
68Inc 2 ▲ new
69Scalable 2 ▲ new
70Splunk 2 ▲ new
71공격 2 ▲ new
72북한 2 ▲ new
73LinkedIn 2 ▲ new
74Amazon 2 - 0 (0%)
75DBIR 2 ▲ new
76MTrends 2 ▲ new
77time 2 ▲ new
78Stealer 2 ▲ 1 (50%)
79Perplexity 2 ▲ 1 (50%)
80Verizon 2 ▲ new
81Iran 2 ▲ 1 (50%)
82court 2 ▲ new
83detection 2 ▲ new
84Googles 2 ▼ -2 (-100%)
85OpenAI 2 ▲ 1 (50%)
86NetWireRC 2 ▲ new
87Vawtrak 2 ▲ 1 (50%)
88query 2 ▲ new
89South Korea 2 - 0 (0%)
90MURKYTOUR 2 ▲ new
91Backdoor 2 ▲ new
92health 2 ▲ new
93Motorola 2 ▲ new
94Kaspersky 2 ▼ -3 (-150%)
95RSAC 2 ▲ 1 (50%)
96Twitter 2 ▲ new
97Escalation 2 ▲ new
98Privilege 2 ▲ new
99Alphabet 2 ▲ new
100Bloomberg 2 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Ransomware
3 (30%)
Lobshot
3 (30%)
NetWireRC
2 (20%)
Vawtrak
2 (20%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Exploit
14 (23.7%)
Campaign
14 (23.7%)
Phishing
13 (22%)
RCE
5 (8.5%)
hacking
4 (6.8%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
Google
79 (54.5%)
Microsoft
9 (6.2%)
Mandiant
9 (6.2%)
United States
7 (4.8%)
China
5 (3.4%)
Threat info
Last 5

SNS

(Total : 23)
  Total keyword

Google Chrome Email Microsoft Victim attack Attacker Report Campaign Phishing Update hijack Advertising Mandiant Criminal Exploit Browser Israel iran target Malware Lobshot APT Stealer Fortinet CrowdStrike ZeroDay payment Hijacking Password Firefox Safari ...

No Title Date
1Kaspersky @kaspersky
Your browser is watching you ????‼️ #GoogleChrome. #MicrosoftEdge, & more. One by one, they’ve cracked down on ad blockers, embraced fingerprinting, and rewritten the rules, all while pocketing your data. So, who’s actually on your side? Swipe to uncover the best private https://t.co/JVYOiWJsM		2025.04.26
2Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
????deGoogle Your Life https://t.co/TKfDkwFYYn		2025.04.26
3Kaspersky @kaspersky
???? Phishing attacks through SVG image files ???? Our experts have detected a sharp rise in attackers using #SVG (Scalable Vector Graphics) files to deliver phishing emails, both to individuals and businesses. Once opened, these files redirect users to fake #Google and #Microsoft https://t.co/hlF		2025.04.25
4Virus Bulletin @virusbtn
Google Mandiant has released the 16th edition of M-Trends, which looks into several trends, data & analysis from incident response engagements. Stolen credentials are now the second highest initial infection vector as the use of infostealers is on the rise https://t.co/33h9ZniSHs https://t.co/zk		2025.04.25
5MalwareHunterTeam @malwrhunterteam
"xai_bypasss_2025" ???? Downloads the "image_viewer.exe" sample from: https://storage.googleapis.com/msgsndr/8hGy0olDfKm2LBrxcCNj/media/680a977d9020da62bd808753.jpeg https://t.co/lQA8iiTqDy		2025.04.25

News

(Total : 56)
  Total keyword

Google Malware Report attack Vulnerability Exploit target Campaign Attacker Advertising Phishing Update Chrome Browser Software Email intelligence Mandiant United States Cryptocurrency Gmail Operation Microsoft China RCE Criminal Victim ChatGPT ZeroDay Government MFA Windows hacking GitHub Linux North Korea CISA Education Ransomware 구글 Russia Android Recorded Future Lobshot Password IoC c&c Zero Trust 북한 Amazon Splunk Vawtrak NetWireRC Twitter LinkedIn South Korea Backdoor OpenAI Israel Kaspersky payment DPRK MacOS 크롬 ...

No Title Date
1Gmail für Android und iOS: Google sorgt für mehr Flexibilität und bringt neue Gemini-Funktionen - IT Sicherheitsnews2025.04.28
2뷰소닉, 구글TV 내장 스마트 포터블 빔프로젝터 ‘M1 Max’ 한국 시장 신출 - 데일리시큐2025.04.28
3Pete Hegseth’s Signal Scandal Spirals Out of Control - Security Latest- WIRED2025.04.26
4Is Detection Engineering just glorified googling? - Malware.News2025.04.26
5Threat Hunting: For what, when, and how? - Malware.News2025.04.26

Additional information

No Request Hash(md5) Report No Date
12025416-方案1-方案細節.pdf.lnk
Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader UPX ASPack Malicious Library Admin Tool (Sysinternals etc ...) Http API PWS Code injection Create Service Socket DGA ScreenShot Escalate priviledges Steal 		c77858bbcfb2ab87d9469d6376cbe223602572025.04.28
2 setup.exe
Client SW User Data Stealer browser info stealer Generic Malware Downloader Google Chrome User Data ASPack Malicious Library UPX Admin Tool (Sysinternals etc ...) ScreenShot Http API PWS Code injection Create Service Socket DGA Escalate priviledges Steal 		eb497402e6fcb1c7cfb3f129bcc4f3f0602582025.04.28
3Software-MSI.msi
Client SW User Data Stealer browser info stealer Generic Malware Downloader Google Chrome User Data Malicious Library Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS VNC Code injection Internet 		afc28d87bbf6cb0c9018a0fb1ee216c3598002025.04.21
4 cookies-alert-script.js.pobran...
Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection BitCoin Internet API persistenc 		223545c1ac7813572f8fd3792dd4f953595422025.04.20
5 anchor.html
Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection BitCoin Internet API persistenc 		d518b91a0e17a2e557ccf1270b99ca99595702025.04.20
View only the last 5
Level Description
warning File has been identified by 27 AntiVirus engines on VirusTotal as malicious
watch Drops a binary and executes it
watch Found URLs in memory pointing to an IP address rather than a domain (potentially indicative of Command & Control traffic)
watch One or more non-whitelisted processes were created
watch Requests access to read memory contents of lsass.exe potentially indicative of credential dumping
watch Resumed a suspended thread in a remote process potentially indicative of process injection
notice A process created a hidden window
notice Allocates read-write-execute memory (usually to unpack itself)
notice An application raised an exception which may be indicative of an exploit crash
notice Creates (office) documents on the filesystem
notice Creates a shortcut to an executable file
notice Creates a suspicious process
notice Creates executable files on the filesystem
notice Drops an executable to the user AppData folder
notice One or more potentially interesting buffers were extracted
notice Potentially malicious URLs were found in the process memory dump
notice Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation
notice Starts servers listening
notice Steals private information from local Internet browsers
notice Yara rule detected in process memory
info Checks amount of memory in system
info Checks if process is being debugged by a debugger
info One or more processes crashed
info Tries to locate where the browsers are installed
No data
No data
Beta Service, If you select keyword, you can check detailed information.