Summary: 2025/05/06 20:26
First reported date: 2020/09/22
Inquiry period : 2025/05/05 20:26 ~ 2025/05/06 20:26 (1 days), 2 search results
지난 7일 기간대비 신규 트렌드를 보이고 있습니다.
악성코드 유형 BlackCat Ransomware WannaCry PlugX LockBit BlackSuit ShadowPad RedCurl WannaCryptor BianLian 도 새롭게 확인됩니다.
공격기술 Campaign Phishing Social Engineering 도 새롭게 확인됩니다.
기관 및 기업 United States Microsoft India Australia United Kingdom Canada ESET Google China Taiwan Paloalto Fortinet Check Point 도 새롭게 확인됩니다.
기타 EDR Victim Malware Vulnerability Report 등 신규 키워드도 확인됩니다.
ALPHV, also known as BlackCat or Noberus, is a ransomware family that is deployed as part of Ransomware as a Service (RaaS) operations. ALPHV is written in the Rust programming language and supports execution on Windows, Linux-based operating systems (Debian, Ubuntu, ReadyNAS, Synology), and VMWare ESXi. ALPHV is marketed as ALPHV on cybercrime forums, but is commonly called BlackCat by security researchers due to an icon of a black cat appearing on its leak site. ALPHV has been observed being deployed in ransomware attacks since November 18, 2021.
ALPHV can be configured to encrypt files using either the AES or ChaCha20 algorithms. In order to maximize the amount of ransomed data, ALPHV can delete volume shadow copies, stop processes and services, and stop virtual machines on ESXi servers. ALPHV can self-propagate by using PsExec to remote execute itself on other hosts on the local network. Ref.
* 최근 뉴스기사 Top3:
ㆍ 2025/05/06 Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
ㆍ 2025/05/06 Ransomware Tool Matrix Project Updates: May 2025
참고로 동일한 그룹의 악성코드 타입은 WannaCry Sodinokibi Phobos 등 79개 종이 확인됩니다.
Trend graph by period
Related keyword cloud
Top 100| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | BlackCat | 2 | ▲ new |
| 2 | United States | 2 | ▲ new |
| 3 | EDR | 2 | ▲ new |
| 4 | Microsoft | 2 | ▲ new |
| 5 | Victim | 2 | ▲ new |
| 6 | Ransomware | 2 | ▲ new |
| 7 | Campaign | 2 | ▲ new |
| 8 | Malware | 2 | ▲ new |
| 9 | Vulnerability | 2 | ▲ new |
| 10 | Report | 2 | ▲ new |
| 11 | India | 1 | ▲ new |
| 12 | powershell | 1 | ▲ new |
| 13 | SMB | 1 | ▲ new |
| 14 | WMI | 1 | ▲ new |
| 15 | VMware | 1 | ▲ new |
| 16 | Australia | 1 | ▲ new |
| 17 | United Kingdom | 1 | ▲ new |
| 18 | Canada | 1 | ▲ new |
| 19 | Windows | 1 | ▲ new |
| 20 | MFA | 1 | ▲ new |
| 21 | arrest | 1 | ▲ new |
| 22 | Update | 1 | ▲ new |
| 23 | Phishing | 1 | ▲ new |
| 24 | VPN | 1 | ▲ new |
| 25 | Tor | 1 | ▲ new |
| 26 | Education | 1 | ▲ new |
| 27 | ESET | 1 | ▲ new |
| 28 | 1 | ▲ new | |
| 29 | WannaCry | 1 | ▲ new |
| 30 | Social Engineering | 1 | ▲ new |
| 31 | PlugX | 1 | ▲ new |
| 32 | LockBit | 1 | ▲ new |
| 33 | China | 1 | ▲ new |
| 34 | Taiwan | 1 | ▲ new |
| 35 | Zero Trust | 1 | ▲ new |
| 36 | BlackSuit | 1 | ▲ new |
| 37 | KillAV | 1 | ▲ new |
| 38 | MimiKatz | 1 | ▲ new |
| 39 | ShadowPad | 1 | ▲ new |
| 40 | RedCurl | 1 | ▲ new |
| 41 | Paloalto | 1 | ▲ new |
| 42 | 팔로알토 | 1 | ▲ new |
| 43 | Palo Alto | 1 | ▲ new |
| 44 | Fortinet | 1 | ▲ new |
| 45 | WannaCryptor | 1 | ▲ new |
| 46 | RTM | 1 | ▲ new |
| 47 | Check Point | 1 | ▲ new |
| 48 | BianLian | 1 | ▲ new |
| 49 | Mandi | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| BlackCat |
|
2 (16.7%) |
| Ransomware |
|
2 (16.7%) |
| WannaCry |
|
1 (8.3%) |
| PlugX |
|
1 (8.3%) |
| LockBit |
|
1 (8.3%) |
Attacker & Actors
The status of the attacker or attack group being issued.
| Keyword | Average | Label |
|---|
Technique
This is an attack technique that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| Campaign |
|
2 (50%) |
| Phishing |
|
1 (25%) |
| Social Engineering |
|
1 (25%) |
Country & Company
This is a country or company that is an issue.
| Keyword | Average | Label |
|---|---|---|
| United States |
|
2 (13.3%) |
| Microsoft |
|
2 (13.3%) |
| India |
|
1 (6.7%) |
| Australia |
|
1 (6.7%) |
| United Kingdom |
|
1 (6.7%) |
Malware Family
Top 5
A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.
Threat info
Last 5SNS
(Total : 0)No data.
News
(Total : 2)BlackCat United States EDR Microsoft Victim Ransomware Campaign Malware Vulnerability Report India powershell SMB WMI VMware Australia United Kingdom Canada Windows MFA arrest Update Phishing VPN Tor Education ESET Google Attacker WannaCry Social Engineering PlugX LockBit China Taiwan Zero Trust BlackSuit KillAV MimiKatz ShadowPad RedCurl Paloalto Fortinet WannaCryptor RTM Check Point BianLian
| No | Title | Date |
|---|---|---|
| 1 | Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines - Malware.News | 2025.05.06 |
| 2 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
Additional information
| No | Title | Date |
|---|---|---|
| 1 | Tech’s Strong Earnings Results Obscured by Tariff Uncertainty - Bloomberg Technology | 2025.05.06 |
| 2 | AMD, Arm Offer Window Into AI Landscape Ahead of Nvidia Earnings - Bloomberg Technology | 2025.05.06 |
| 3 | Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines - Malware.News | 2025.05.06 |
| 4 | Leveling Up GRC: From Fragmented Controls to Strategic Integration - Malware.News | 2025.05.06 |
| 5 | Signal clone used by Waltz to archive messages suspends services after reported hack - Malware.News | 2025.05.06 |
| View only the last 5 | ||
| No | Title | Date |
|---|---|---|
| 1 | Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines - Malware.News | 2025.05.06 |
| 2 | Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines - Malware.News | 2025.05.06 |
| 3 | Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines - Malware.News | 2025.05.06 |
| 4 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| 5 | Ransomware Tool Matrix Project Updates: May 2025 - Malware.News | 2025.05.06 |
| View only the last 5 | ||