Cyber Threat Trends

Summary: 2025/04/28 19:42

First reported date: 2011/01/20
Inquiry period : 2025/04/21 19:42 ~ 2025/04/28 19:42 (7 days), 33 search results

전 기간대비 -42% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Exploit Vulnerability Japan ZeroDay RCE 입니다.
악성코드 유형 DslogdRAT RokRAT RMS rurat 도 새롭게 확인됩니다.
공격자 APT37 UNC5221 도 새롭게 확인됩니다.
공격기술 Webshell APT 도 새롭게 확인됩니다.
기관 및 기업 Cloudflare Google DPRK UN North Korea 인도 NATO UAE 도 새롭게 확인됩니다.
기타 Ivanti infrastructure ICS JPCERT securityaffairs 등 신규 키워드도 확인됩니다.

Netwire is an advanced RAT — it is a malware that takes control of infected PCs and allows its operators to perform various actions. Unlike many RATs, this one can target every major operating system, including Windows, Linux, and MacOS.  Ref.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/25 DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
    ㆍ 2025/04/24 DslogdRAT Malware Installed in Ivanti Connect Secure
    ㆍ 2025/04/24 Top intelligence lawmaker fears China may exploit DOGE’s changes to government

참고로 동일한 그룹의 악성코드 타입은 Remcos njRAT QuasarRAT 등 112개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	NetWireRC	33	▼ -14 (-42%)
2	Malware	16	▼ -5 (-31%)
3	DslogdRAT	8	▲ new
4	c&c	8	▼ -9 (-113%)
5	C2	8	▼ -4 (-50%)
6	njRAT	8	▼ -6 (-75%)
7	RAT	7	▼ -13 (-186%)
8	Exploit	7	▲ 6 (86%)
9	Report	6	- 0 (0%)
10	AsyncRAT	5	- 0 (0%)
11	Update	5	▼ -1 (-20%)
12	attack	5	▼ -4 (-80%)
13	Campaign	5	▼ -9 (-180%)
14	Vulnerability	5	▲ 2 (40%)
15	Japan	5	▲ 4 (80%)
16	target	4	▼ -7 (-175%)
17	ZeroDay	4	▲ 1 (25%)
18	Ivanti	4	▲ new
19	Cloudflare	3	▲ new
20	RCE	3	▲ 1 (33%)
21	hacking	3	- 0 (0%)
22	China	3	▼ -3 (-100%)
23	Advertising	3	- 0 (0%)
24	Trojan	3	▼ -2 (-67%)
25	Google	2	▲ new
26	infrastructure	2	▲ new
27	ThreatProtection	2	- 0 (0%)
28	Government	2	- 0 (0%)
29	NortonLifeLock	2	▲ 1 (50%)
30	Android	2	▲ 1 (50%)
31	intelligence	2	▼ -2 (-100%)
32	ICS	2	▲ new
33	Social Engineering	2	▲ 1 (50%)
34	Victim	2	▼ -5 (-250%)
35	CISA	2	▲ 1 (50%)
36	United States	2	▼ -4 (-200%)
37	JPCERT	2	▲ new
38	securityaffairs	2	▲ new
39	Operation	2	▲ 1 (50%)
40	Connect	2	▲ new
41	IoC	2	▼ -3 (-150%)
42	Distribution	2	▲ 1 (50%)
43	Proxy	1	▲ new
44	CVE	1	▲ new
45	cybersec	1	▲ new
46	recent	1	▲ new
47	installation	1	▲ new
48	APT37	1	▲ new
49	DPRK	1	▲ new
50	time	1	▲ new
51	Password	1	- 0 (0%)
52	shell	1	▲ new
53	GhostRAT	1	- 0 (0%)
54	low	1	▼ -2 (-200%)
55	traffic	1	▲ new
56	UNC5221	1	▲ new
57	df5ba1678a4bf515536c0e622a2f97c597927e01bb674a648d82bbdd797425d9	1	▲ new
58	Webshell	1	▲ new
59	Uploaded	1	▲ new
60	abusech	1	▼ -2 (-200%)
61	RokRAT	1	▲ new
62	NSA	1	- 0 (0%)
63	APT	1	▲ new
64	Además	1	▲ new
65	httpstcowU	1	▲ new
66	Detected	1	▲ new
67	Attacks	1	▲ new
68	jpcerten	1	▲ new
69	Symantecs	1	- 0 (0%)
70	RMS	1	▲ new
71	UN	1	▲ new
72	desactivar	1	▲ new
73	patched	1	▲ new
74	instalar	1	▲ new
75	es	1	▲ new
76	North Korea	1	▲ new
77	rurat	1	▲ new
78	lta	1	▲ new
79	flaw	1	▲ new
80	NextgovFCW	1	▲ new
81	href	1	▲ new
82	XWorm	1	▼ -2 (-200%)
83	teamevaluatingglatplygg	1	▲ new
84	SentinelOne	1	- 0 (0%)
85	MgBot	1	- 0 (0%)
86	Volt Typhoon	1	▼ -1 (-100%)
87	persistencia	1	▲ new
88	powershell	1	▼ -3 (-300%)
89	Tunnel	1	▲ new
90	infostealer	1	▲ new
91	CARACAL	1	▲ new
92	인도	1	▲ new
93	NATO	1	▲ new
94	UAE	1	▲ new
95	Police	1	- 0 (0%)
96	India	1	▼ -1 (-100%)
97	panelthrownglatplygg	1	▲ new
98	rayishim	1	▲ new
99	Stealer	1	- 0 (0%)
100	Zoom	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
NetWireRC		33 (45.8%)
DslogdRAT		8 (11.1%)
njRAT		8 (11.1%)
RAT		7 (9.7%)
AsyncRAT		5 (6.9%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
APT37		1 (11.1%)
UNC5221		1 (11.1%)
Volt Typhoon		1 (11.1%)
Lazarus		1 (11.1%)
LOTUS PANDA		1 (11.1%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		7 (29.2%)
Campaign		5 (20.8%)
RCE		3 (12.5%)
hacking		3 (12.5%)
Social Engineering		2 (8.3%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Japan		5 (15.6%)
Cloudflare		3 (9.4%)
China		3 (9.4%)
Google		2 (6.3%)
Government		2 (6.3%)

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 23)

Total keyword

NetWireRC Malware njRAT c&c C2 DslogdRAT RAT AsyncRAT Japan Attacker Exploit ZeroDay Vulnerability attack Cloudflare hacking IoC Campaign Trojan Report Update UN RMS Distribution target RCE Attacks Advertising XWorm Stealer Social Engineering Victim rurat North Korea APT RokRAT DPRK APT37

No	Title	Date
1	SarlackLab @SarlackLab #njrat #C2 server 94.26.90.81:6666 confirmed 2025-04-26	2025.04.27
2	Szabolcs Schmidt @smica83 Looks like a low detected #GhostRAT Uploaded @abuse_ch https://t.co/wU5at7zuhH https://t.co/oW7we4Uian	2025.04.27
3	Cyber_OSINT @Cyber_O51NT JPCERT warns of DslogdRAT malware exploiting a patched flaw in Ivanti Connect Secure, allowing remote code execution and targeting Japanese organizations, while also linked to the APT Silk Typhoon. #CyberSecurity #Malware https://t.co/LdcjAxvite	2025.04.26
4	SarlackLab @SarlackLab #njrat #C2 server 147.185.221.27:31185 team-evaluating.gl.at.ply.gg confirmed 2025-04-26	2025.04.26
5	Threat Intelligence @threatintel #ThreatProtection New malware campaign uses #Cloudflare tunnels to deploy #AsyncRAT with multi-stage payloads for remote access. Read more about Symantec's protections: https://t.co/QD2pK5Z5nw #Cybersecurity	2025.04.25

News

(Total : 10)

Total keyword

NetWireRC Malware Update Report Exploit attack Vulnerability Campaign China RAT target Attacker CISA AsyncRAT United States Android intelligence Japan DslogdRAT Google ZeroDay RCE Operation Government Advertising c&c Cloudflare Webshell Black Basta VMware Trojan C2 Password njRAT CVE NSA UNC5221 hacking SentinelOne MgBot Volt Typhoon Distribution Lazarus powershell UAE 인도 NATO Police Cryptocurrency India Russia Kaspersky DYEPACK Victim Kimsuky Ucraina Phishing Social Engineering LockBit Sea Turtle RedEcho LOTUS PANDA Sandworm APT41 APT28 OilRig Cobalt Strike

No	Title	Date
1	Decoding njRAT traffic with NetworkMiner - Netresec / Erik Hjelmvik / malpedia	2025.04.28
2	DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks - The Hacker News	2025.04.25
3	DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News	2025.04.24
4	Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News	2025.04.24
5	삼성 스마트폰 One UI, 치명적 보안 결함.. 사용자 데이터 '무방비 노출’ - 시큐리티팩트	2025.04.23

Additional information

No	Title	Date
1	Top Tier Target \| What It Takes to Defend a Cybersecurity Company from Today’s Adversaries - Malware.News	2025.04.28
2	28th April – Threat Intelligence Report - Malware.News	2025.04.28
3	Navigating Through The Fog - Malware.News	2025.04.28
4	Huawei Set to Test Powerful AI Chip to Rival Nvidia’s, WSJ Says - Bloomberg Technology	2025.04.28
5	Gamers Beware! New Attack Targets Gamers to Deploy AgeoStealer Malware - Malware.News	2025.04.26
View only the last 5

No	Title	Date
1	DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News	2025.04.24
2	DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News	2025.04.24
3	Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News	2025.04.24
4	Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News	2025.04.24
5	Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News	2025.04.24
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.