Cyber Threat Trends

Summary: 2025/04/19 12:22

First reported date: 2012/01/05
Inquiry period : 2025/04/18 12:22 ~ 2025/04/19 12:22 (1 days), 3 search results

지난 7일 기간대비 -233% 낮은 트렌드를 보이고 있습니다.
지난 7일 기간대비 상승한 Top5 연관 키워드는 Operation Google Browser VPN Stealer 입니다.
악성코드 유형 Vidar RedLine Raccoon 도 새롭게 확인됩니다.
기타 datalossprevention httpswww Kali infosec dlp 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
ㆍ 2025/04/19 CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in
ㆍ 2025/04/18 Dark Web Market: STYX Market

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Email	3	▼ -7 (-233%)
2	Operation	2	▲ 1 (50%)
3	Malware	2	▼ -3 (-150%)
4	Google	2	▲ 1 (50%)
5	intelligence	2	- 0 (0%)
6	RCE	2	- 0 (0%)
7	Browser	2	▲ 1 (50%)
8	target	2	▼ -1 (-50%)
9	Update	1	▼ -2 (-200%)
10	Exploit	1	▼ -1 (-100%)
11	VPN	1	▲ 1 (100%)
12	Takedown	1	- 0 (0%)
13	Software	1	- 0 (0%)
14	datalossprevention	1	▲ new
15	attack	1	▼ -2 (-200%)
16	Stealer	1	▲ 1 (100%)
17	Vulnerability	1	▼ -1 (-100%)
18	VirusTotal	1	▲ 1 (100%)
19	Report	1	▼ -3 (-300%)
20	SentinelOne	1	▲ 1 (100%)
21	CISA	1	▲ 1 (100%)
22	ltpgt	1	▲ 1 (100%)
23	httpswww	1	▲ new
24	threat	1	- 0 (0%)
25	Kali	1	▲ new
26	DarkWeb	1	▲ 1 (100%)
27	Criminal	1	- 0 (0%)
28	Vidar	1	▲ new
29	infosec	1	▲ new
30	dlp	1	▲ new
31	Proofpoint	1	▲ 1 (100%)
32	humancentric	1	▲ new
33	information	1	▲ 1 (100%)
34	protection	1	▲ 1 (100%)
35	proactive	1	▲ new
36	RedLine	1	▲ new
37	Raccoon	1	▲ new
38	Kaspersky	1	- 0 (0%)
39	GameoverP2P	1	- 0 (0%)
40	Phishing	1	▼ -2 (-200%)
41	Russia	1	- 0 (0%)
42	Campaign	1	▼ -1 (-100%)
43	c&c	1	- 0 (0%)
44	Cryptocurrency	1	- 0 (0%)
45	Telegram	1	▲ 1 (100%)
46	Ransomware	1	- 0 (0%)
47	Lumma	1	▲ 1 (100%)
48	insiderrisk	1	▲ 1 (100%)
49	agency	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Vidar		1 (16.7%)
RedLine		1 (16.7%)
Raccoon		1 (16.7%)
GameoverP2P		1 (16.7%)
Ransomware		1 (16.7%)

Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
RCE		2 (33.3%)
Exploit		1 (16.7%)
Stealer		1 (16.7%)
Phishing		1 (16.7%)
Campaign		1 (16.7%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Google		2 (25%)
VirusTotal		1 (12.5%)
SentinelOne		1 (12.5%)
CISA		1 (12.5%)
Proofpoint		1 (12.5%)

Threat info

Last 5

SNS

(Total : 1)

Total keyword

dlp Proofpoint Browser Email

No	Title	Date
1	Proofpoint @proofpoint Proofpoint human-centric information protection delivers proactive #datalossprevention and #insiderrisk management across all the modern channels people work—email, endpoint, cloud and browsers. Learn more at https://t.co/I7L48yJ9Zr. #infosec #DLP	2025.04.18

News

(Total : 2)

Total keyword

Google Operation Malware Email intelligence RCE target Takedown Software attack RedLine VPN VirusTotal Report SentinelOne CISA Vulnerability Browser Raccoon Telegram Vidar Kaspersky Phishing Russia Campaign c&c Cryptocurrency Ransomware Exploit Lumma DarkWeb GameoverP2P Criminal Stealer Kali Update

No	Title	Date
1	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
2	Dark Web Market: STYX Market - Malware.News	2025.04.18

Additional information

No	Title	Date
1	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
2	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
5	Text scams grow to steal hundreds of millions of dollars - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
2	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
5	Dark Web Market: STYX Market - Malware.News	2025.04.18
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	111_2023-04-07_08-22.exe email stealer Downloader Malicious Library Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Code injection persistence KeyLogger AntiDebug AntiVM PE File PE32	b1c1243d05e33560bfbda42ce515db8f	54563	2024.10.09
2	download.ics email stealer DGA Http API ScreenShot Escalate priviledges PWS HTTP Internet API KeyLogger AntiDebug AntiVM	7be2232d72dff43cf090b194542cf229	51915	2024.07.23
3	xnnwljxxbbawjwlmac.exe email stealer Generic Malware Possible Infostealer Activity Downloader .NET framework(MSIL) Antivirus Socket Escalate priviledges PWS DNS Code injection Internet API persistence KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE	0c74bc9529b8d9f96fc7e1b47559abd1	48467	2024.02.13
4	conhost.exe Gen1 email stealer Downloader .NET framework(MSIL) UPX Malicious Packer Malicious Library Escalate priviledges PWS DNS Code injection persistence KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE OS Processor Check DLL	d1ebfffb918cb931ae8e6ef5546b9efa	47762	2024.01.31
5	a.exe email stealer Downloader .NET framework(MSIL) Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Code injection persistence KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE	248fdd80b574b1379fe4f6f1cee40091	46404	2023.11.07
View only the last 5

Level	Description
danger	File has been identified by 59 AntiVirus engines on VirusTotal as malicious
danger	Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
danger	Executed a process and injected code into it
watch	Allocates execute permission to another process indicative of possible code injection
watch	Attempts to remove evidence of file being downloaded from the Internet
watch	Communicates with host for which no DNS query was performed
watch	Potential code injection by writing to the memory of another process
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
watch	Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	One or more potentially interesting buffers were extracted
notice	Potentially malicious URLs were found in the process memory dump
notice	The binary likely contains encrypted or compressed data indicative of a packer
notice	Yara rule detected in process memory
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	This executable has a PDB path

No data

Beta Service, If you select keyword, you can check detailed information.