popup

Cyber Threat Trends

  1. Day Week

conference CrowdStrike 북한

Summary: 2025/04/17 13:09

First reported date: 2011/03/30
Inquiry period : 2025/03/18 13:09 ~ 2025/04/17 13:09 (1 months), 53 search results

전 기간대비 13% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Java Update Campaign Advertising Software 입니다.
악성코드 유형 RATel Black Basta Clop 도 새롭게 확인됩니다.
공격기술 RCE 도 새롭게 확인됩니다.
기관 및 기업 Oracle Chinese 오라클 South Korea 도 새롭게 확인됩니다.
기타 CVSS Apache ZeroDay Supply chain critical 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/16 Threat actors misuse Node.js to deliver malware and other malicious payloads
    ㆍ 2025/04/14 중국發 '스미싱 트라이어드', 전 세계 121개국 금융 정보 노린다
    ㆍ 2025/04/13 Schwachstellen bedrohen IBM Installation Manager, Java Runtime & Co.

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1Java 53 ▲ 7 (13%)
2Malware 30 - 0 (0%)
3Update 20 ▲ 7 (35%)
4Campaign 17 ▲ 1 (6%)
5Report 16 ▼ -2 (-13%)
6Advertising 16 ▲ 4 (25%)
7Software 14 ▲ 4 (29%)
8Vulnerability 14 ▲ 3 (21%)
9attack 14 ▼ -3 (-21%)
10Remote Code Execution 14 ▲ 3 (21%)
11Email 13 ▲ 4 (31%)
12Phishing 12 ▼ -7 (-58%)
13Victim 12 ▼ -2 (-17%)
14Exploit 12 ▼ -2 (-17%)
15intelligence 11 ▲ 4 (36%)
16Windows 10 ▼ -5 (-50%)
17target 10 ▼ -5 (-50%)
18United States 9 ▼ -3 (-33%)
19Browser 8 ▲ 1 (13%)
20c&c 8 ▼ -2 (-25%)
21China 8 ▲ 4 (50%)
22CVSS 7 ▲ new
23Cryptocurrency 7 ▲ 2 (29%)
24CVE 7 ▲ 5 (71%)
25Ransomware 7 ▲ 4 (57%)
26JavaScript 7 - 0 (0%)
27GitHub 7 ▼ -1 (-14%)
28Microsoft 7 ▼ -7 (-100%)
29Criminal 7 ▲ 3 (43%)
30Oracle 7 ▲ new
31Distribution 6 ▲ 3 (50%)
32Apache 6 ▲ new
33Education 5 - 0 (0%)
34hijack 5 ▲ 1 (20%)
35Twitter 5 ▼ -2 (-40%)
36NetWireRC 5 ▼ -3 (-60%)
37IoC 5 ▼ -11 (-220%)
38RCE 5 ▲ new
39Government 4 ▼ -2 (-50%)
40Telegram 4 ▲ 1 (25%)
41hacking 4 ▲ 2 (50%)
42Operation 4 ▼ -1 (-25%)
43AhnLab 4 ▲ 3 (75%)
44ZeroDay 4 ▲ new
45Kaspersky 4 - 0 (0%)
46Supply chain 4 ▲ new
47malicious 4 ▼ -3 (-75%)
48Stealer 4 ▼ -8 (-200%)
49powershell 4 ▼ -7 (-175%)
50critical 4 ▲ new
51Vawtrak 4 ▲ 3 (75%)
52Social Engineering 4 - 0 (0%)
53Backdoor 4 ▼ -5 (-125%)
54ESET 4 ▲ 3 (75%)
55Downloader 4 ▲ 3 (75%)
56Cloudflare 3 ▲ 1 (33%)
57Chinese 3 ▲ new
58Tomcat 3 ▲ new
59Malvertising 3 ▲ 2 (67%)
60Linux 3 ▼ -3 (-100%)
61Takedown 3 ▲ 1 (33%)
62Android 3 ▼ -1 (-33%)
63공격 3 ▲ new
64MWNEWS 3 ▲ new
65Password 3 ▼ -1 (-33%)
66RAT 3 ▲ 1 (33%)
67HTML 3 ▲ 2 (67%)
68CISA 3 ▲ 2 (67%)
69PoC 3 ▲ 2 (67%)
70DarkWeb 3 ▲ 2 (67%)
71Google 3 ▼ -3 (-100%)
72RATel 3 ▲ new
73Black Basta 3 ▲ new
74Russia 3 ▲ 2 (67%)
75parquet 3 ▲ new
76cybercrime 2 ▲ 1 (50%)
77Australia 2 ▲ 1 (50%)
78오라클 2 ▲ new
79Platforms 2 ▲ new
80Trojan 2 - 0 (0%)
81Clop 2 ▲ new
82GameoverP2P 2 ▼ -4 (-200%)
83VBScript 2 ▼ -4 (-200%)
84South Korea 2 ▲ new
85Germany 2 ▲ 1 (50%)
86iCloud 2 ▲ new
87ProtectionHighlight 2 ▲ new
88India 2 - 0 (0%)
89flaw 2 ▲ new
90code 2 ▼ -2 (-100%)
91Remcos 2 ▲ 1 (50%)
92LinkedIn 2 ▼ -5 (-250%)
93Banking 2 - 0 (0%)
94Interception 2 ▲ 1 (50%)
95QRadar Security Suite 2 ▲ new
96amp 2 ▲ new
97NortonLifeLock 2 ▲ new
98ThreatProtection 2 ▲ new
99file 2 ▲ 1 (50%)
100데이터 2 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Ransomware
7 (18.9%)
NetWireRC
5 (13.5%)
Vawtrak
4 (10.8%)
RAT
3 (8.1%)
RATel
3 (8.1%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Campaign
17 (18.7%)
Remote Code Execution
14 (15.4%)
Phishing
12 (13.2%)
Exploit
12 (13.2%)
hijack
5 (5.5%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
United States
9 (11.8%)
China
8 (10.5%)
Microsoft
7 (9.2%)
Oracle
7 (9.2%)
Government
4 (5.3%)
Threat info
Last 5

SNS

(Total : 13)
  Total keyword

Java attack Email Phishing China ZeroDay Malware Cryptocurrency CVE Remote Code Execution hacking CVSS Malvertising Software Campaign Vulnerability chinese Attacker Update Botnet hijack GootLoader Android Dropper DarkWeb Interception Advertising

No Title Date
1Microsoft Threat Intelligence @MsftSecIntel
Node.js is an open-source, cross-platform JavaScript runtime environment that's widely used and trusted by developers to build frontend and backend applications. However, threat actors are also leveraging these Node.js characteristics to facilitate malicious activity.		2025.04.15
2Microsoft Threat Intelligence @MsftSecIntel
Recent observed attacks include a malvertising campaign related to cryptocurrency trading, luring users into downloading a malicious installer disguised as legitimate software. Another notable technique involves inline JavaScript execution via Node.js to deploy malware.		2025.04.15
3Gi7w0rm @Gi7w0rm
Anyone with a working decrypter/deobfuscator for #chinese #javascript obfuscation tool #jsvmp ? Lattest version of a creditcard skimmer I found is using it and its way above my JavaScript capabilities to crack it.		2025.04.05
4The Hacker News @TheHackersNews
???? Massive new risk for data systems! CVE-2025-30065 | Apache Parquet Java lib flaw (CVSS 10.0) lets attackers execute arbitrary code via poisoned files. If your pipelines touch untrusted Parquet files, patch NOW. Read: https://t.co/eDM2YrFEIY		2025.04.04
5Virus Bulletin @virusbtn
Forcepoint's Ben Gibney looks into malicious SVG (Scalable Vector Graphics) following a recent increase in their use. The format introduces the possibility of embedded JavaScript and opens an attack vector for malicious activity. https://t.co/hbIvzmGGzr https://t.co/3n5JernQk1		2025.04.04

News

(Total : 40)
  Total keyword

Java Malware Attacker Update Report Campaign Advertising Vulnerability Remote Code Execution Software Victim Exploit intelligence Email attack Windows target United States Phishing c&c Browser Microsoft Oracle Criminal GitHub Ransomware China CVE Distribution CVSS NetWireRC IoC Education RCE Twitter Cryptocurrency Social Engineering powershell Vawtrak Operation Government AhnLab Stealer hijack ESET Supply chain Downloader Telegram Backdoor Kaspersky Google Cloudflare Password hacking Takedown CISA Linux PoC Black Basta Russia RAT RATel iCloud GameoverP2P 오라클 Trojan VBScript Banking Australia LinkedIn South Korea India Chinese Clop Remcos Germany Malvertising QRadar Security Suite DarkWeb Smishing EDR VPN Japan IBM VMware Android ...

No Title Date
1IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 12h : 5 posts - IT Sicherheitsnews2025.04.16
2Oracle Java SE: Mehrere Schwachstellen - IT Sicherheitsnews2025.04.16
3Threat actors misuse Node.js to deliver malware and other malicious payloads - Malware.News2025.04.16
4Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence - The Hacker News2025.04.15
5중국發 '스미싱 트라이어드', 전 세계 121개국 금융 정보 노린다 - 시큐리티팩트2025.04.14

Additional information

No data
No data
No data
No URL CC ASN Co Reporter Date
1http://26.77.178.64:19490/spread.txt
bash cert java wget 		US USAsh_XSS_12025.02.10
2https://raw.githubusercontent.com/Vespeno/bat/main/rt.jar
grabber jar java Luxot malware payload PirateStealer rat stealer 		US USFASTLYshotgunner1012024.08.14
3https://raw.githubusercontent.com/Vespeno/bat/main/xray.jar
grabber jar java Luxot malware payload PirateStealer rat stealer 		US USFASTLYshotgunner1012024.08.14
4https://raw.githubusercontent.com/Vespeno/bat/main/hz.jar
grabber jar java Luxot malware payload PirateStealer rat stealer 		US USFASTLYshotgunner1012024.08.14
5https://raw.githubusercontent.com/Vespeno/bat/main/qraken.jar
grabber jar java Luxot malware payload PirateStealer rat stealer 		US USFASTLYshotgunner1012024.08.14
View only the last 5
Beta Service, If you select keyword, you can check detailed information.