Cyber Threat Trends

Summary: 2025/04/17 16:51

First reported date: 2014/07/29
Inquiry period : 2025/03/18 16:51 ~ 2025/04/17 16:51 (1 months), 17 search results

전 기간대비 71% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 BlackSuit Royal Ransomware Victim Report 입니다.
악성코드 유형 SectopRAT RATel NetWireRC XMRig Rhysida IDATLoader 도 새롭게 확인됩니다.
공격자 UNC5221 Kill Security 도 새롭게 확인됩니다.
공격기술 Remote Code Execution DDoS Exploit Stealer Social Engineering 도 새롭게 확인됩니다.
기관 및 기업 India Apple Check Point Cisco Germany US Saudi Arabia United Kingdom 도 새롭게 확인됩니다.
기타 Mail group Fake Zoom DarkWeb 등 신규 키워드도 확인됩니다.

According to Trend Micro, this ransomware has significant code overlap with Royal Ransomware.  Ref.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/07 7th April – Threat Intelligence Report
    ㆍ 2025/04/02 Royal Mail Group Loses 144GB to Infostealers: Same Samsung Hacker, Same 2021 Infostealer Log
    ㆍ 2025/03/31 Fake Zoom Ends in BlackSuit Ransomware

참고로 동일한 그룹의 악성코드 타입은 WannaCry Sodinokibi Phobos 등 78개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	BlackSuit	17	▲ 12 (71%)
2	Royal	9	▲ 7 (78%)
3	Ransomware	8	▲ 6 (75%)
4	Victim	5	▲ 4 (80%)
5	Report	5	▲ 4 (80%)
6	target	4	▲ 3 (75%)
7	Mail	4	▲ new
8	United States	3	▲ 2 (67%)
9	Malware	3	▲ 1 (33%)
10	group	3	▲ new
11	Fake	3	▲ new
12	Zoom	3	▲ new
13	DarkWeb	3	▲ new
14	Alert	3	▲ new
15	Cobalt Strike	2	▲ new
16	SectopRAT	2	▲ new
17	Operation	2	▲ 1 (50%)
18	Saudi	2	▲ new
19	Campaign	2	- 0 (0%)
20	RATel	2	▲ new
21	Ends	2	▲ new
22	Remote Code Execution	2	▲ new
23	Glass	2	▲ new
24	intelligence	2	▲ 1 (50%)
25	DDoS	2	▲ new
26	DFIR	2	▲ new
27	Trebilcock	1	▲ new
28	Fraser	1	▲ new
29	PLAY	1	▲ new
30	Unauthenticated	1	▲ new
31	Addons	1	▲ new
32	sensitive	1	▲ new
33	hacker	1	▲ new
34	royalmail	1	▲ new
35	databreach	1	▲ new
36	Arbitrary	1	▲ new
37	NetWireRC	1	▲ new
38	Elementor	1	▲ new
39	India	1	▲ new
40	Vulnerability	1	- 0 (0%)
41	Apple	1	▲ new
42	Storm	1	▲ new
43	Dark	1	▲ new
44	KILLERS	1	▲ new
45	SERVER	1	▲ new
46	Kosovo	1	▲ new
47	UNC5221	1	▲ new
48	ZeroDay	1	▲ new
49	Update	1	▲ new
50	hacking	1	- 0 (0%)
51	CVSS	1	▲ new
52	XMRig	1	▲ new
53	Check Point	1	▲ new
54	Rhysida	1	▲ new
55	Cisco	1	▲ new
56	Customer	1	▲ new
57	Germany	1	▲ new
58	China	1	- 0 (0%)
59	Android	1	▲ new
60	Samsung	1	▲ new
61	Gmail	1	▲ new
62	Register	1	▲ new
63	Data	1	▲ new
64	httpstcovjmf	1	▲ new
65	impact	1	▲ new
66	leak	1	▲ new
67	IDATLoader	1	▲ new
68	Cobalt	1	▲ new
69	amp	1	▲ new
70	Breach	1	▲ new
71	Alleged	1	▲ new
72	Force	1	▲ new
73	Sample	1	▲ new
74	Billion	1	▲ new
75	Forms	1	▲ new
76	US	1	▲ new
77	Dhabi	1	▲ new
78	Abu	1	▲ new
79	Data Center	1	▲ new
80	Air	1	▲ new
81	Saudi Arabia	1	▲ new
82	Kill Security	1	▲ new
83	Exploit	1	▲ new
84	Falls	1	▲ new
85	Airforce	1	▲ new
86	Supply chain	1	▲ new
87	attack	1	▲ new
88	WordPress	1	▲ new
89	Email	1	▼ -1 (-100%)
90	Browser	1	▲ new
91	LinkedIn	1	▲ new
92	SaudiArabia	1	▲ new
93	Twitter	1	▲ new
94	Stealer	1	▲ new
95	Criminal	1	- 0 (0%)
96	United Kingdom	1	▲ new
97	ChatGPT	1	▲ new
98	Phishing	1	- 0 (0%)
99	Social Engineering	1	▲ new
100	Team	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
BlackSuit		17 (40.5%)
Royal		9 (21.4%)
Ransomware		8 (19%)
SectopRAT		2 (4.8%)
RATel		2 (4.8%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
UNC5221		1 (50%)
Kill Security		1 (50%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		2 (18.2%)
Remote Code Execution		2 (18.2%)
DDoS		2 (18.2%)
hacking		1 (9.1%)
Exploit		1 (9.1%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
United States		3 (25%)
India		1 (8.3%)
Apple		1 (8.3%)
Check Point		1 (8.3%)
Cisco		1 (8.3%)

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 12)

Total keyword

BlackSuit Royal Ransomware target Victim DDoS Remote Code Execution Report DarkWeb Saudi Arabia Kill Security Cobalt Strike Cobalt IDATLoader RATel SectopRAT Operation

No	Title	Date
1	FalconFeeds.io @FalconFeedsio ???? DDoS Alert ???? Dark Storm Team claims to have targeted multiple website in Kosovo. * Ministry of Health???????? * Spitali Royal Medical???????? * University of Mitrovica???????? https://t.co/3kZJaAp3gy	2025.04.13
2	FalconFeeds.io @FalconFeedsio ???? DDoS Alert ???? SERVER KILLERS claims to have targeted multiple website in Kosovo. • Kosovo Chamber of Mediators • Spitali Royal Medical • American Hospital Kosova • National Institute of Public Health of Kosovo • Independent Oversight Council for the Kosovo Civil Service https://t.co/OmxI7Nj	2025.04.13
3	FalconFeeds.io @FalconFeedsio ???? Ransomware Alert: PLAY Ransomware group has added 2 new victims to their dark web portal. * Royal Glass Company, Inc ???????? a leading commercial glass contractor specializing in glass and glazing services for projects including stadiums, universities, hospitals, office https://t.co/GMWAZzd	2025.04.04
4	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????????????Royal Glass and Fraser Trebilcock has Fallen Victim to PLAY Ransomware https://t.co/1FFAQVSA12	2025.04.04
5	Kimberly @StopMalvertisin The Register \| Customer info allegedly stolen from Royal Mail, Samsung via compromised supplier https://t.co/niGjLWxgW2	2025.04.03

News

(Total : 5)

Total keyword

BlackSuit United States Malware Report Attacker intelligence Ransomware DarkWeb Royal Campaign Victim Cobalt Strike NetWireRC Vulnerability CVSS Android Germany China India SectopRAT Cisco RATel Rhysida Check Point XMRig hacking Apple Update ZeroDay Email Supply chain Phishing Data Center US Social Engineering ChatGPT Operation United Kingdom Criminal Stealer Gmail Twitter LinkedIn Exploit Browser WordPress target attack UNC5221

No	Title	Date
1	7th April – Threat Intelligence Report - Malware.News	2025.04.07
2	[webapps] Royal Elementor Addons and Templates 1.3.78 - Unauthenticated Arbitrary File Upload - Exploit-DB.com	2025.04.05
3	Royal Mail Group Loses 144GB to Infostealers: Same Samsung Hacker, Same 2021 Infostealer Log - Malware.News	2025.04.02
4	Fake Zoom Ends in BlackSuit Ransomware - Malware.News	2025.03.31
5	Abu Dhabi Forms $25 Billion US Energy Venture to Power AI - Bloomberg Technology	2025.03.20

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	7th April – Threat Intelligence Report - Malware.News	2025.04.07
2	7th April – Threat Intelligence Report - Malware.News	2025.04.07
3	7th April – Threat Intelligence Report - Malware.News	2025.04.07
4	BlackBasta Leaks: Lessons from the Ascension Health attack - Malware.News	2025.02.28
5	BlackBasta Leaks: Lessons from the Ascension Health attack - Malware.News	2025.02.28
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.