Summary: 2025/04/25 04:53

First reported date: 2011/01/20
Inquiry period: 2025/03/26 04:53 ~ 2025/04/25 04:53 (1 month), 148 search results

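The trend is 11% higher than in the previous period.
The top 5 related keywords that rose compared with the previous period are NetWireRC, c&c, njRAT, C2 and RAT.
The malware types Stealc and Xloader are also newly observed.
The attack technique RCE is also newly observed.
The organization/company AhnLab is also newly observed.
Other new keywords, such as ResolverRAT, Low, PJobRAT, httpstco and multistage, are also observed.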

Netwire is an advanced RAT: malware that takes control of infected PCs and allows its operators to perform various actions. Unlike many RATs, this one can target every major operating system, including Windows, Linux, and macOS.

 * Top 3 recent news articles:
    ㆍ 2025/04/24 DslogdRAT Malware Installed in Ivanti Connect Secure
    ㆍ 2025/04/24 Top intelligence lawmaker fears China may exploit DOGE’s changes to government
    ㆍ 2025/04/23 Samsung smartphone One UI has a critical security flaw.. user data 'exposed without protection'


For reference, 112 malware types in the same group have been identified, including Remcos, njRAT and QuasarRAT.

Trend graph by period


Related keyword cloud
Top 100

| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | NetWireRC | 148 | ▲ 17 (11%) |
| 2 | c&c | 68 | ▲ 22 (32%) |
| 3 | Malware | 58 | ▼ -11 (-19%) |
| 4 | njRAT | 54 | ▲ 22 (41%) |
| 5 | C2 | 54 | ▲ 23 (43%) |
| 6 | RAT | 49 | ▲ 10 (20%) |
| 7 | Campaign | 33 | ▼ -6 (-18%) |
| 8 | Phishing | 25 | ▼ -3 (-12%) |
| 9 | Report | 23 | ▼ -7 (-30%) |
| 10 | target | 19 | ▼ -11 (-58%) |
| 11 | IoC | 17 | ▼ -3 (-18%) |
| 12 | attack | 17 | ▼ -8 (-47%) |
| 13 | Trojan | 16 | - 0 (0%) |
| 14 | Advertising | 15 | ▼ -5 (-33%) |
| 15 | Victim | 15 | ▼ -2 (-13%) |
| 16 | United States | 15 | ▼ -4 (-27%) |
| 17 | Update | 15 | ▼ -6 (-40%) |
| 18 | China | 14 | ▼ -1 (-7%) |
| 19 | AsyncRAT | 14 | ▼ -11 (-79%) |
| 20 | Remcos | 14 | ▲ 7 (50%) |
| 21 | powershell | 13 | ▲ 2 (15%) |
| 22 | Android | 12 | ▲ 10 (83%) |
| 23 | Windows | 12 | ▼ -8 (-67%) |
| 24 | Email | 11 | ▼ -2 (-18%) |
| 25 | intelligence | 11 | ▲ 1 (9%) |
| 26 | Kaspersky | 10 | ▼ -4 (-40%) |
| 27 | Russia | 10 | ▼ -1 (-10%) |
| 28 | Microsoft | 9 | ▼ -11 (-122%) |
| 29 | Distribution | 9 | ▲ 1 (11%) |
| 30 | XWorm | 9 | ▼ -4 (-44%) |
| 31 | Vulnerability | 8 | ▼ -7 (-88%) |
| 32 | Software | 8 | ▼ -4 (-50%) |
| 33 | Linux | 7 | ▲ 2 (29%) |
| 34 | hacking | 7 | ▲ 2 (29%) |
| 35 | ZeroDay | 7 | ▲ 5 (71%) |
| 36 | Lumma | 7 | ▼ -5 (-71%) |
| 37 | India | 7 | ▲ 5 (71%) |
| 38 | Cobalt Strike | 7 | ▲ 3 (43%) |
| 39 | Government | 7 | ▼ -1 (-14%) |
| 40 | Exploit | 6 | ▼ -14 (-233%) |
| 41 | Stealer | 6 | ▼ -16 (-267%) |
| 42 | Social Engineering | 6 | ▼ -2 (-33%) |
| 43 | fake | 6 | ▲ 5 (83%) |
| 44 | ResolverRAT | 6 | ▲ new |
| 45 | Top | 5 | ▼ -1 (-20%) |
| 46 | Operation | 5 | ▼ -5 (-100%) |
| 47 | Low | 5 | ▲ new |
| 48 | Backdoor | 5 | ▼ -9 (-180%) |
| 49 | Stealc | 5 | ▲ new |
| 50 | GameoverP2P | 5 | ▲ 1 (20%) |
| 51 | abusech | 5 | ▲ 4 (80%) |
| 52 | Xloader | 5 | ▲ new |
| 53 | North Korea | 5 | ▲ 2 (40%) |
| 54 | Taiwan | 5 | ▲ 3 (60%) |
| 55 | Cisco | 5 | ▲ 3 (60%) |
| 56 | Browser | 5 | ▼ -3 (-60%) |
| 57 | ThreatProtection | 4 | ▼ -1 (-25%) |
| 58 | Ransomware | 4 | ▼ -5 (-125%) |
| 59 | PJobRAT | 4 | ▲ new |
| 60 | last | 4 | ▼ -2 (-50%) |
| 61 | RCE | 4 | ▲ new |
| 62 | Java | 4 | ▼ -4 (-100%) |
| 63 | Education | 4 | - 0 (0%) |
| 64 | Cryptocurrency | 4 | ▼ -8 (-200%) |
| 65 | Amadey | 4 | ▲ 3 (75%) |
| 66 | tofsee | 4 | ▲ 1 (25%) |
| 67 | snake | 4 | ▼ -1 (-25%) |
| 68 | AgentTesla | 4 | ▼ -1 (-25%) |
| 69 | CISA | 4 | ▲ 3 (75%) |
| 70 | Telegram | 3 | ▼ -3 (-100%) |
| 71 | Vawtrak | 3 | ▲ 1 (33%) |
| 72 | DCRat | 3 | ▼ -9 (-300%) |
| 73 | Lazarus | 3 | ▲ 2 (67%) |
| 74 | Ucraina | 3 | ▼ -6 (-200%) |
| 75 | AhnLab | 3 | ▲ new |
| 76 | Password | 3 | ▲ 1 (33%) |
| 77 | Cobalt | 3 | ▲ 2 (67%) |
| 78 | Google | 3 | ▼ -7 (-233%) |
| 79 | NSA | 3 | ▲ 2 (67%) |
| 80 | Criminal | 3 | ▼ -13 (-433%) |
| 81 | threat | 3 | - 0 (0%) |
| 82 | Germany | 3 | ▲ 2 (67%) |
| 83 | Downloader | 3 | ▲ 2 (67%) |
| 84 | GitHub | 3 | ▼ -4 (-133%) |
| 85 | NortonLifeLock | 3 | ▼ -2 (-67%) |
| 86 | Japan | 3 | - 0 (0%) |
| 87 | Samples | 3 | - 0 (0%) |
| 88 | httpstco | 3 | ▲ new |
| 89 | Chinese | 3 | ▲ 1 (33%) |
| 90 | NetSupport | 3 | ▼ -3 (-100%) |
| 91 | Open Directory | 3 | ▲ 2 (67%) |
| 92 | Rhadamanthys | 3 | ▲ 2 (67%) |
| 93 | Banking | 3 | ▲ 2 (67%) |
| 94 | Volt Typhoon | 3 | ▲ 2 (67%) |
| 95 | multistage | 3 | ▲ new |
| 96 | healthcare | 3 | ▲ new |
| 97 | iocs | 3 | ▲ new |
| 98 | MysterySnail | 3 | ▲ new |
| 99 | VBScript | 3 | ▼ -5 (-167%) |
| 100 | Industry | 2 | ▲ new |

Special keyword group
Top 5

Malware Type

This is the type of malware that is becoming an issue.

| Keyword | Average |
|---|---|
| NetWireRC | 148 (41%) |
| njRAT | 54 (15%) |
| RAT | 49 (13.6%) |
| Trojan | 16 (4.4%) |
| AsyncRAT | 14 (3.9%) |

Attacker & Actors

The attackers or attack groups that are currently at issue.

| Keyword | Average |
|---|---|
| Lazarus | 3 (21.4%) |
| Volt Typhoon | 3 (21.4%) |
| UNC5221 | 2 (14.3%) |
| SideCopy | 2 (14.3%) |
| APT28 | 2 (14.3%) |

Attack technique

This is an attack technique that is becoming an issue.

| Keyword | Average |
|---|---|
| Campaign | 33 (34%) |
| Phishing | 25 (25.8%) |
| hacking | 7 (7.2%) |
| Exploit | 6 (6.2%) |
| Stealer | 6 (6.2%) |

Country & Company

The countries or companies that are currently at issue.

| Keyword | Average |
|---|---|
| United States | 15 (12.3%) |
| China | 14 (11.5%) |
| Kaspersky | 10 (8.2%) |
| Russia | 10 (8.2%) |
| Microsoft | 9 (7.4%) |

Malware Family
Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, families are classified as Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, or Cryptocurrency Miner.

Threat info
Last 5

SNS

(Total : 100)
  Total keyword

NetWireRC c&c C2 njRAT RAT Malware AsyncRAT XWorm Remcos IoC Phishing Attacker Advertising AgentTesla powershell Lumma Campaign Amadey target Trojan Russia Report Kaspersky DCRat China Distribution Chinese iocs Update Android attack VBScript Rhadamanthys Xloader Japan DDNS ValleyRAT NetSupport Stealc North Korea SectopRAT UN Binance Email ClickFix Microsoft RMS spyware Vulnerability South Korea ZeroDay DslogdRAT RemcosRAT ...

| No | Title | Date |
|---|---|---|
| 1 | Germán Fernández @1ZRR4H: 2/ Besides installing persistence, disabling AVs and removing safe-mode boot (among other things), it also deploys: 1.- "fisherprice.msi" is #RuRAT (Remote Utilities) with a connection to the domain ru.elquecreeenmiviviraporsiempre.xyz 2.- "4.dll" is a binary in https://t.co/hgNLs9 | 2025.04.24 |
| 2 | Cyber_OSINT @Cyber_O51NT: A recent report highlights the installation of DslogdRAT malware in Ivanti Connect Secure, exploiting a zero-day vulnerability (CVE-2025-0282) and enabling attackers to execute commands via a web shell in attacks against Japanese organizations. #CyberSec… https://t.co/MbDUi3uGON | 2025.04.24 |
| 3 | SarlackLab @SarlackLab: #njrat #C2 server 193.161.193.99:56152 hiesa-56152.portmap.host confirmed 2025-04-23 | 2025.04.23 |
| 4 | Virus Bulletin @virusbtn: The Sekoia TDR team and Erwan Chevalier describe a recent infection chain delivering AsyncRAT that relies on an attacker infrastructure they call the “Cloudflare tunnel infrastructure to deliver multiple RATs”, as well as the attacker’s TTPs. https://t.co/asOEFPN2Th https://t.co/LZ8GoosX8G | 2025.04.23 |
| 5 | SarlackLab @SarlackLab: #njrat #C2 server 147.185.221.27:52684 recommended-collins.gl.at.ply.gg confirmed 2025-04-23 | 2025.04.23 |

Additional information

No data