Cyber Threat Trends

Summary: 2025/04/17 16:42

First reported date: 2010/02/20
Inquiry period : 2025/03/18 16:42 ~ 2025/04/17 16:42 (1 months), 333 search results

전 기간대비 21% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Phishing Malware Campaign Report attack 입니다.
공격기술 RCE 도 새롭게 확인됩니다.
기타 Hackers 신규 키워드도 확인됩니다.

“피싱(Phishing)”이란 ‘개인정보(Private data)를 낚는다(Fishing)’라는 의미의 합성어로, 전화·문자·메신저·가짜사이트 등 전기통신수단을 이용한 비대면거래를 통해 피해자를 기망·공갈함으로써 이용자의 개인정보나 금융정보를 빼낸 후, 타인의 재산을 갈취하는 사기 수법
https://www.easylaw.go.kr/CSP/CnpClsMainBtr.laf?popMenu=ov&amp;amp;csmSeq=1592&amp;amp;ccfNo=

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 LabHost: A defunct but potent phishing service
    ㆍ 2025/04/17 Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis
    ㆍ 2025/04/17 Exploiting SMS: Threat Actors Use Social Engineering to Target Companies

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Phishing	333	▲ 69 (21%)
2	Malware	176	▲ 14 (8%)
3	Campaign	130	▲ 16 (12%)
4	Report	109	▲ 18 (17%)
5	attack	105	▲ 10 (10%)
6	Email	91	▼ -5 (-5%)
7	target	85	▼ -2 (-2%)
8	Victim	74	▲ 21 (28%)
9	United States	68	▲ 21 (31%)
10	Exploit	67	▼ -12 (-18%)
11	Update	61	▲ 13 (21%)
12	Criminal	57	- 0 (0%)
13	intelligence	54	▲ 2 (4%)
14	Advertising	51	▲ 13 (25%)
15	Kaspersky	45	▲ 16 (36%)
16	Microsoft	45	▲ 5 (11%)
17	IoC	41	- 0 (0%)
18	Windows	40	▲ 6 (15%)
19	Operation	36	▼ -1 (-3%)
20	c&c	36	▲ 5 (14%)
21	Government	35	▲ 11 (31%)
22	Russia	35	▲ 8 (23%)
23	Remote Code Execution	35	▼ -18 (-51%)
24	Software	33	▲ 3 (9%)
25	Password	32	▲ 4 (13%)
26	Ransomware	32	▼ -7 (-22%)
27	Vulnerability	31	▼ -9 (-29%)
28	Google	30	▲ 9 (30%)
29	Trojan	30	▲ 13 (43%)
30	Education	29	- 0 (0%)
31	China	28	▲ 7 (25%)
32	Stealer	28	▼ -10 (-36%)
33	NetWireRC	25	- 0 (0%)
34	Android	24	▲ 10 (42%)
35	threat	24	▼ -4 (-17%)
36	Browser	23	▲ 3 (13%)
37	Distribution	23	▲ 2 (9%)
38	Telegram	22	▲ 7 (32%)
39	Social Engineering	22	▼ -8 (-36%)
40	Ucraina	22	▲ 17 (77%)
41	Cryptocurrency	19	▼ -2 (-11%)
42	MFA	19	▼ -8 (-42%)
43	DarkWeb	18	▼ -2 (-11%)
44	hacking	18	▲ 2 (11%)
45	powershell	17	▼ -2 (-12%)
46	Smishing	17	▲ 15 (88%)
47	North Korea	16	▲ 1 (6%)
48	Australia	16	▲ 8 (50%)
49	DNS	16	▲ 14 (88%)
50	Linux	16	▲ 6 (38%)
51	Europe	15	▲ 8 (53%)
52	MWNEWS	15	▲ 5 (33%)
53	United Kingdom	15	▲ 6 (40%)
54	RAT	14	▲ 3 (21%)
55	GitHub	14	▼ -2 (-14%)
56	Backdoor	13	▼ -2 (-15%)
57	LinkedIn	13	▼ -1 (-8%)
58	Banking	13	▼ -4 (-31%)
59	payment	13	▼ -5 (-38%)
60	Chrome	13	▲ 6 (46%)
61	DYEPACK	12	▲ 6 (50%)
62	Zero Trust	12	▲ 7 (58%)
63	Java	12	▼ -7 (-58%)
64	AI	11	▲ 2 (18%)
65	ZeroDay	11	- 0 (0%)
66	South Korea	11	▼ -2 (-18%)
67	DDoS	11	▲ 5 (45%)
68	RATel	10	▲ 5 (50%)
69	Remcos	10	▲ 6 (60%)
70	Germany	10	▲ 2 (20%)
71	Twitter	10	▼ -4 (-40%)
72	GameoverP2P	10	▼ -3 (-30%)
73	Kit	10	▲ 8 (80%)
74	Cobalt Strike	9	▲ 1 (11%)
75	malicious	9	▼ -2 (-22%)
76	ThreatProtection	9	▲ 2 (22%)
77	Check Point	9	▲ 3 (33%)
78	India	9	▼ -1 (-11%)
79	Vawtrak	9	▲ 6 (67%)
80	RCE	9	▲ new
81	Japan	9	▼ -4 (-44%)
82	AhnLab	9	- 0 (0%)
83	Cloudflare	9	▲ 5 (56%)
84	arrest	9	▲ 4 (44%)
85	PhAAS	9	▲ 8 (89%)
86	amp	9	▲ 7 (78%)
87	Hackers	9	▲ new
88	Spear Phishing	8	▼ -3 (-38%)
89	fake	8	- 0 (0%)
90	Cisco	8	▲ 2 (25%)
91	WhatsApp	8	▲ 1 (13%)
92	scam	8	▲ 6 (75%)
93	Supply chain	8	▲ 3 (38%)
94	Lumma	8	▼ -9 (-113%)
95	Platform	7	▲ 6 (86%)
96	Tax	7	▲ 5 (71%)
97	Apple	7	▼ -2 (-29%)
98	YouTube	7	▲ 3 (43%)
99	EDR	7	▼ -1 (-14%)
100	ESET	7	- 0 (0%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		32 (18%)
Trojan		30 (16.9%)
NetWireRC		25 (14%)
RAT		14 (7.9%)
DYEPACK		12 (6.7%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Anonymous		6 (54.5%)
APT29		5 (45.5%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Phishing		333 (47%)
Campaign		130 (18.4%)
Exploit		67 (9.5%)
Remote Code Execution		35 (4.9%)
Stealer		28 (4%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
United States		68 (13.5%)
Kaspersky		45 (8.9%)
Microsoft		45 (8.9%)
Government		35 (7%)
Russia		35 (7%)

Threat info

Last 5

SNS

(Total : 132)

Total keyword

Phishing Campaign attack Malware target Email Kaspersky Report Exploit Trojan Update IoC Government Europe Russia Attacker Victim Microsoft Attacks DNS Ucraina Supply chain Android APT Password Remcos Operation Windows United States North Korea Criminal IOCs hacking China APT29 Cloudflare Google Check Point Backdoor GraphicalNeutrino Advertising hijack NetWireRC DPRK Education Smishing Java Spear Phishing WhatsApp Telegram powershell US ...

No	Title	Date
1	Cyber_OSINT @Cyber_O51NT Cofense's Christopher Matta warns of an increase in smishing attacks exploiting human emotions to bypass skepticism, manipulate urgency, and harvest credentials, emphasizing the need for vigilance against SMS-based phishing threats. #CyberSecurity #Phish… https://t.co/fnm0cl6Msl	2025.04.17
2	Cyber_OSINT @Cyber_O51NT Check Point Research reports that APT29 has launched a renewed phishing campaign targeting European diplomats by impersonating a foreign affairs ministry with fake wine-tasting invitations, deploying the GRAPELOADER malware. #CyberSecurity https://t.co/wBarrfcbUa	2025.04.16
3	The Hacker News @TheHackersNews "Your firewall won’t save you." Hackers are using ChatGPT to craft phishing lures & scan attack surfaces. Meanwhile, most orgs still cling to VPNs & 30-year-old security models. ???? Zero Trust + AI isn’t hype — it’s survival. Don’t fall behind: https://t.co/Zgwhioippw	2025.04.16
4	Virus Bulletin @virusbtn The Check Point Research team analyse a renewed APT29 phishing campaign targeting diplomatic entities across Europe. The campaign employs a new loader, called GRAPELOADER, which is downloaded via a link in the phishing email. https://t.co/Pkb5PsOrgj https://t.co/3NczqtgFHb	2025.04.16
5	ANY.RUN @anyrun_app ???? New #ClickFix scam targets US users with fake MS Defender and CloudFlare pages. ⚠️ The scam page is hosted on a domain registered back in 2006, pretending to be the Indo-American Chamber of Commerce. ???? The #phishing page loads only for US-based victims, as observed during https://t.co/bStRXF	2025.04.16

News

(Total : 201)

Total keyword

Phishing Malware Campaign Report attack Email Victim United States target Attacker Update Criminal intelligence Exploit Advertising Microsoft Windows c&c Software IoC Remote Code Execution Operation Ransomware Vulnerability Russia Password Government Google Kaspersky Stealer Education China NetWireRC Distribution Browser Social Engineering Trojan Android Telegram Cryptocurrency DarkWeb MFA Ucraina powershell United Kingdom Linux Australia Smishing hacking LinkedIn North Korea GitHub Chrome RAT DYEPACK Banking Zero Trust payment DDoS DNS South Korea Germany GameoverP2P Backdoor ZeroDay Java RCE Twitter arrest Japan Europe RATel Vawtrak Lumma Cobalt Strike India ESET Cisco Canada VirusTotal Apple YouTube AhnLab Takedown CISA VBScript 피싱 RSA Conference Check Point ChatGPT Spain Raccoon Remcos Anonymous Lobshot ...

No	Title	Date
1	LabHost: A defunct but potent phishing service - Malware.News	2025.04.17
2	Cascading Shadows: An Attack Chain Approach to Avoid Detection and Complicate Analysis - Unit 42	2025.04.17
3	Exploiting SMS: Threat Actors Use Social Engineering to Target Companies - Malware.News	2025.04.17
4	Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S - Malware.News	2025.04.17
5	“I sent you an email from your email account,” sextortion scam claims - Malware.News	2025.04.17

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	Exploiting SMS: Threat Actors Use Social Engineering to Target Companies - Malware.News	2025.04.17
2	Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S - Malware.News	2025.04.17
3	Threat Intelligence Snapshot: Week 14, 2025 - Malware.News	2025.04.16
4	Threat Intelligence Snapshot: Week 14, 2025 - Malware.News	2025.04.16
5	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
View only the last 5

No data

No	Category	URL	CC	ASN Co	Date
1	phishing	https://www.w3counter.com/track/pv?id=151293	US	CLOUDFLARENET	2024.06.19
2	phishing	https://www.w3counter.com/tracker.js?id=151293	US		2024.06.19

No	URL	CC	ASN Co	Reporter	Date
1	https://drive.google.com/uc?export=download&id=1pvS-c0vJMrTDuJvYES8UJ3CBHk5FC_Xq phishing	US	GOOGLE	JAMESWT_MHT	2025.03.03
2	https://drive.google.com/uc?export=download&id=1hUf5CK2m4PcshRxUmPgroynM1IYMgtzX phishing	US	GOOGLE	JAMESWT_MHT	2025.03.03
3	https://drive.usercontent.google.com/u/0/uc?id=1oVYWzJi9Tw6x0zGRa8di76JxbjhDHWgd&export=download phishing	US	GOOGLE	JAMESWT_MHT	2025.03.03
4	https://markitos.shop/riiw2.mp4 Fake captcha Lumma Stealer stager phishing			anonymous	2025.01.21
5	https://threemanshop.com/jsnom.js js phishing	US	CLOUDFLARENET	NDA0E	2024.06.25
View only the last 5

Beta Service, If you select keyword, you can check detailed information.