Cyber Threat Trends

Summary: 2025/04/19 22:16

First reported date: 2020/04/13
Inquiry period : 2025/03/20 22:16 ~ 2025/04/19 22:16 (1 months), 10 search results

전 기간대비 70% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Grandoreiro 입니다.
악성코드 유형 Trojan GameoverP2P Lumma RATel Clipbanker NetWireRC 도 새롭게 확인됩니다.
공격자 Dark Caracal 도 새롭게 확인됩니다.
공격기술 Phishing Campaign Stealer RCE hacking Exploit Social Engineering 도 새롭게 확인됩니다.
기관 및 기업 Banking Spain Mexico China Government Europe Brazil Africa Microsoft Kaspersky Russia United States South Korea Italy India Türkiye Apple Saudi Arabia 도 새롭게 확인됩니다.
기타 Malware target Latin attack Report 등 신규 키워드도 확인됩니다.

According to ESET Research, Grandoreirois a Latin American banking trojan targeting Brazil, Mexico, Spain and Peru. As such, it shows unusual effort by its authors to evade detection and emulation, and progress towards a modular architecture.  Ref.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/16 Threat Intelligence Snapshot: Week 14, 2025
    ㆍ 2025/04/08 Threat Actors Use VPS Hosting Providers to Deliver Malware and Evade Detection
    ㆍ 2025/04/04 Grandoreiro Stealer Targeting Spain and Latin America: Malware Analysis and Decryption Insights

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Grandoreiro	10	▲ 7 (70%)
2	Malware	8	▲ new
3	Phishing	7	▲ new
4	Campaign	7	▲ new
5	Banking	6	▲ new
6	target	6	▲ new
7	Trojan	6	▲ new
8	Spain	5	▲ new
9	Stealer	5	▲ new
10	Latin	4	▲ new
11	attack	4	▲ new
12	Report	4	▲ new
13	Android	3	▲ new
14	Criminal	3	▲ new
15	Mexico	3	▲ new
16	China	2	▲ new
17	Update	2	▲ new
18	intelligence	2	▲ new
19	Threat	2	▲ new
20	Government	2	▲ new
21	Email	2	▲ new
22	Europe	2	▲ new
23	Victim	2	- 0 (0%)
24	Cryptocurrency	2	▲ new
25	GameoverP2P	1	▲ new
26	Windows	1	▲ new
27	Linux	1	▲ new
28	Browser	1	▲ new
29	Brazil	1	▲ new
30	Software	1	▲ new
31	Process Hacker	1	▲ new
32	Dnspy	1	▲ new
33	Africa	1	▲ new
34	Operati	1	▲ new
35	Targeting	1	▲ new
36	Forcepoint	1	▲ new
37	XLabs	1	▲ new
38	recent	1	▲ new
39	Use	1	▲ new
40	VPS	1	▲ new
41	Deliver	1	▲ new
42	Microsoft	1	▲ new
43	RCE	1	▲ new
44	Snapshot	1	▲ new
45	Lumma	1	▲ new
46	hacking	1	▲ new
47	c&c	1	▲ new
48	Exploit	1	▲ new
49	Kaspersky	1	▲ new
50	Russia	1	▲ new
51	United States	1	▲ new
52	Distribution	1	▲ new
53	South Korea	1	▲ new
54	Italy	1	▲ new
55	India	1	▲ new
56	Türkiye	1	▲ new
57	MFA	1	▲ new
58	RATel	1	▲ new
59	Apple	1	▲ new
60	Education	1	▲ new
61	IoC	1	▼ -1 (-100%)
62	Clipbanker	1	▲ new
63	Saudi Arabia	1	▲ new
64	Sau	1	▲ new
65	geofencing	1	▲ new
66	LATAM	1	▲ new
67	securityaffairs	1	▲ new
68	Social Engineering	1	▲ new
69	ForcepointSec	1	▲ new
70	ForcepointLabs	1	▲ new
71	Crooks	1	▲ new
72	NetWireRC	1	▲ new
73	Dark Caracal	1	▲ new
74	Consumer	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Grandoreiro		10 (47.6%)
Trojan		6 (28.6%)
GameoverP2P		1 (4.8%)
Lumma		1 (4.8%)
RATel		1 (4.8%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Dark Caracal		1 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Phishing		7 (30.4%)
Campaign		7 (30.4%)
Stealer		5 (21.7%)
RCE		1 (4.3%)
hacking		1 (4.3%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Banking		6 (18.8%)
Spain		5 (15.6%)
Mexico		3 (9.4%)
China		2 (6.3%)
Government		2 (6.3%)

Threat info

Last 5

SNS

(Total : 4)

Total keyword

Grandoreiro Trojan Phishing Campaign Banking target Spain Malware Stealer Mexico Targeting hacking Victim attack Email

No	Title	Date
1	Virus Bulletin @virusbtn Forcepoint X-Labs researchers present a recent Grandoreiro campaign which targets users in Mexico, Argentina and Spain through phishing emails impersonating the tax agency. https://t.co/4XIdc6x7Hy https://t.co/YCcvt4hxLM	2025.04.07
2	Kimberly @StopMalvertisin Lab52 \| Grandoreiro Stealer Targeting Spain and Latin America: Malware Analysis and Decryption Insights https://t.co/Ojg6wGFFU5	2025.04.04
3	Pierluigi Paganini - Security Affairs @securityaffairs @ForcepointSec @ForcepointLabs Crooks are reviving the #Grandoreiro #banking #trojan https://t.co/ud0xmyE09K #securityaffairs #hacking #malware	2025.03.28
4	ANY.RUN @anyrun_app ???? #Grandoreiro attacks LATAM ⚠️ A phishing campaign is actively targeting Latin American countries, leveraging #geofencing to filter victims. Behind it is Grandoreiro—the most persistent banking #trojan in #LATAM. It effectively bypasses many automated security solutions, https://t.co/QHHWYhEXF	2025.03.27

News

(Total : 6)

Total keyword

Malware Grandoreiro Campaign Phishing Stealer Report target Trojan Banking Spain Criminal attack Android China Europe Government intelligence Update Mexico Cryptocurrency Attacker Apple United States Software Russia Process Hacker Dnspy Africa Brazil Windows Email Kaspersky Microsoft RCE Browser GameoverP2P Linux Italy Exploit Education Clipbanker Saudi Arabia MFA Türkiye India Social Engineering RATel South Korea Distribution NetWireRC Dark Caracal IoC c&c Victim Lumma

No	Title	Date
1	Threat Intelligence Snapshot: Week 14, 2025 - Malware.News	2025.04.16
2	Threat Actors Use VPS Hosting Providers to Deliver Malware and Evade Detection - Malware.News	2025.04.08
3	Grandoreiro Stealer Targeting Spain and Latin America: Malware Analysis and Decryption Insights - Malware.News	2025.04.04
4	Release Notes: Android VM, Pre-Installed Dev Tools, TI Reports & Enhanced Detection - Malware.News	2025.04.03
5	Grandoreiro banking trojan revived in new attacks against Latin America, Europe - Malware.News	2025.03.31

Additional information

No	Title	Date
1	NDPC, Health Ministry Partner to Boost Data Protection in Healthcare - Malware.News	2025.04.19
2	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
3	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
4	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
5	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	Threat Intelligence Snapshot: Week 14, 2025 - Malware.News	2025.04.16
2	Threat Intelligence Snapshot: Week 14, 2025 - Malware.News	2025.04.16
3	Threat Actors Use VPS Hosting Providers to Deliver Malware and Evade Detection - Malware.News	2025.04.08
4	Release Notes: Android VM, Pre-Installed Dev Tools, TI Reports & Enhanced Detection - Malware.News	2025.04.03
5	Grandoreiro banking trojan revived in new attacks against Latin America, Europe - Malware.News	2025.03.31
View only the last 5

No data

No	URL	CC	ASN Co	Reporter	Date
1	https://cld.pt/dl/download/d551d44f-78de-44dc-a537-f373b53bfa32/daveztotal.zip Grandoreiro payload	PT	...	johnk3r	2025.01.21
2	https://infopublic67.online/672a581b1849b/%E2%9D%89Documentacion%20Detalles%E2%9D%89_%E2%91%A0%E2%91... Grandoreiro opendir zip			NDA0E	2024.11.06
3	https://www.infopublic67.online/672a581b1849b/%E2%9D%89Documentacion%20Detalles%E2%9D%89_%E2%91%A0%E... Grandoreiro opendir zip			NDA0E	2024.11.06
4	https://www.infopublic67.online/672a581b1849b/672a581b1861e.vbs Grandoreiro opendir vbs			NDA0E	2024.11.06
5	https://www.infopublic67.online/672a581b1849b/672a581b18621.vbs Grandoreiro opendir vbs			NDA0E	2024.11.06
View only the last 5

Beta Service, If you select keyword, you can check detailed information.