Cyber Threat Trends

Summary: 2025/04/19 12:13

First reported date: 2015/07/22
Inquiry period : 2025/03/20 12:13 ~ 2025/04/19 12:13 (1 months), 12 search results

전 기간대비 50% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 co Update 입니다.
악성코드 유형 Akira 도 새롭게 확인됩니다.
기관 및 기업 Apple China United States Taiwan South Korea 도 새롭게 확인됩니다.
기타 Technology Blockfi Ltd MacOS Ruinor 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 iOS 18.4.1, macOS 15.4.1 & Co: Apple liefert Notfall-Patches für mehrere Systeme
    ㆍ 2025/04/11 YouTube Star IShowSpeed Woos US Consumers With Futuristic China Tech
    ㆍ 2025/04/03 BYD to Double Korea Sales Network in Challenge to Hyundai

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	co	12	▲ 6 (50%)
2	Technology	4	▲ new
3	Ransomware	2	- 0 (0%)
4	Apple	2	▲ new
5	Blockfi	2	▲ new
6	China	2	▲ new
7	Ltd	2	▲ new
8	MacOS	2	▲ new
9	Update	2	▲ 1 (50%)
10	Ruinor	2	▲ new
11	Victim	2	- 0 (0%)
12	Shanghai	1	▲ new
13	Oklahoma	1	▲ new
14	Desinformation	1	▲ new
15	bei	1	▲ new
16	YouTube	1	▲ new
17	United States	1	▲ new
18	Star	1	▲ new
19	IShowSpeed	1	▲ new
20	Wire	1	▲ new
21	Steel	1	▲ new
22	Software	1	- 0 (0%)
23	Inc	1	▲ new
24	Akira	1	▲ new
25	ZeroDay	1	▲ new
26	liefert	1	▲ new
27	für	1	▲ new
28	Formosa	1	▲ new
29	Der	1	▲ new
30	ChatGPT	1	- 0 (0%)
31	Industrial	1	▲ new
32	Japan	1	- 0 (0%)
33	Heji	1	▲ new
34	SquiblydooBlog	1	▲ new
35	und	1	▲ new
36	stopft	1	▲ new
37	CubTiger	1	▲ new
38	Network	1	▲ new
39	Taiwan	1	▲ new
40	Certum	1	▲ new
41	South Korea	1	▲ new
42	Chang	1	▲ new
43	BYD	1	▲ new
44	Alert	1	- 0 (0%)
45	Hyundai	1	▲ new
46	Double	1	▲ new
47	Keroro	1	▲ new
48	Korea	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		2 (66.7%)
Akira		1 (33.3%)

Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Technique

This is an attack technique that is becoming an issue.

No data.

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Apple		2 (25%)
China		2 (25%)
United States		1 (12.5%)
Japan		1 (12.5%)
Taiwan		1 (12.5%)

Threat info

Last 5

SNS

(Total : 7)

Total keyword

Ransomware Victim Japan Akira Taiwan

No	Title	Date
1	MalwareHunterTeam @malwrhunterteam "Blockfi Ruinor Security Technology Co., Ltd." (GlobalSign given cert) signed, only 1 detection on VT "SherenVPN-x64-6-1-6.exe" sample: ae45484a1881d55afae4952224c4a8352e1163a9fb57d095431711e5dccdcd18 https://t.co/0uOncNV37F	2025.04.18
2	MalwareHunterTeam @malwrhunterteam You could see the "Blockfi Ruinor Security Technology Co., Ltd." name before here: https://t.co/DSbRI1UwOw GlobalSign that time too... ????‍♂️	2025.04.18
3	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????????????????????Oklahoma Steel & Wire Co. Inc. and STUMPF MÜLLER Biberach GmbH falls victim to Akira Ransomware https://t.co/GhU4FoY2Nc	2025.04.14
4	MalwareHunterTeam @malwrhunterteam "Keroro Technology Co., Ltd." (Certum given cert, revoked after this: https://t.co/tfW3EKub0K) signed "1035__2025-03-28_02-12-15____crm.dll" sample: 0e8993105f9ec0c13990dffc26898994e113ac039b59760260c36554808eb2c3 3pff76b0-9997.brs.devtunnels.ms ????‍♂️ @1ZRR4H https://t.co/dC3xamIyyH	2025.04.03
5	MalwareHunterTeam @malwrhunterteam "CubTiger Network Technology Co., Ltd." (GlobalSign given cert) signed sample: 9e78f89ffa70b6426595e1007db89bc2bd9fd39600d659a347f4689c5a1e67ad 47.236.171.20 https://t.co/NaNQaoIjxQ	2025.04.01

News

(Total : 5)

Total keyword

Apple MacOS China Update ZeroDay United States YouTube ChatGPT Software South Korea

No	Title	Date
1	iOS 18.4.1, macOS 15.4.1 & Co: Apple liefert Notfall-Patches für mehrere Systeme - IT Sicherheitsnews	2025.04.17
2	YouTube Star IShowSpeed Woos US Consumers With Futuristic China Tech - Bloomberg Technology	2025.04.11
3	Desinformation bei ChatGPT und Co.: “Der Propagandagenerator ist immer einen Schritt voraus” - IT Sicherheitsnews	2025.04.07
4	BYD to Double Korea Sales Network in Challenge to Hyundai - Bloomberg Technology	2025.04.03
5	iOS 18.4, macOS 15.4 und Co.: Apple stopft viele Lücken - IT Sicherheitsnews	2025.04.01

Additional information

No	Title	Date
1	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
2	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
5	Text scams grow to steal hundreds of millions of dollars - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	iOS 18.4.1, macOS 15.4.1 & Co: Apple liefert Notfall-Patches für mehrere Systeme - IT Sicherheitsnews	2025.04.17
2	iOS 18.4, macOS 15.4 und Co.: Apple stopft viele Lücken - IT Sicherheitsnews	2025.04.01
3	Schadcode-Sicherheitslücken bedrohen FortiOS, FortiSandbox & Co. - IT Sicherheitsnews	2025.03.13
4	ChatGPT, Claude & Co: Wer bietet die besten Gratis-Features? - IT Sicherheitsnews	2025.03.09
5	Nissan CDS Rises to Highest in Japan, Topping Rakuten, SoftBank - Bloomberg Technolo...	2025.02.18
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	kent.ps1 Client SW User Data Stealer Backdoor RemcosRAT Formbook browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library Confuser .NET Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Co	432719ce1459add67ebe4c01b47310f2	58059	2025.03.13
2	conhost.exe Emotet Generic Malware Suspicious_Script_Bin task schedule Downloader UPX Malicious Library Antivirus Malicious Packer .NET framework(MSIL) Create Service Socket P2P DGA Steal credential Http API Escalate priviledges PWS Sniff Audio HTTP DNS ScreenShot Co	197cf1b5f5228af677c04341b43b58f0	42893	2023.07.08

Level	Description
danger	The process powershell.exe wrote an executable file to disk which it then attempted to execute
danger	Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
danger	Executed a process and injected code into it
watch	Allocates execute permission to another process indicative of possible code injection
watch	Code injection by writing an executable or DLL to the memory of another process
watch	Communicates with host for which no DNS query was performed
watch	Drops a binary and executes it
watch	File has been identified by 11 AntiVirus engines on VirusTotal as malicious
watch	One or more non-whitelisted processes were created
watch	Potential code injection by writing to the memory of another process
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
watch	Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice	A process attempted to delay the analysis task.
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	Checks adapter addresses which can be used to detect virtual network interfaces
notice	Creates executable files on the filesystem
notice	Drops an executable to the user AppData folder
notice	HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice	One or more potentially interesting buffers were extracted
notice	Performs some HTTP requests
notice	Yara rule detected in process memory
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
Network	ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response
Network	ET INFO Executable Download from dotted-quad Host
Network	ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
Network	ET POLICY PE EXE or DLL Windows file download HTTP

No data

Beta Service, If you select keyword, you can check detailed information.