popup

Cyber Threat Trends

  1. Day Week

conference CrowdStrike 북한

Summary: 2025/04/17 10:48

First reported date: 2015/12/01
Inquiry period : 2025/03/18 10:48 ~ 2025/04/17 10:48 (1 months), 138 search results

전 기간대비 95% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 RCE Malware Exploit Update Vulnerability 입니다.
악성코드 유형 Ransomware GameoverP2P Trojan Vawtrak 도 새롭게 확인됩니다.
공격기술 Phishing hijack Social Engineering Hijacking hacking Backdoor Downloader 도 새롭게 확인됩니다.
기관 및 기업 United States China Government CISA Kaspersky Google Palo Alto Networks Ucraina Russia Chinese Europe VirusTotal NSA 도 새롭게 확인됩니다.
기타 Report Remote Software Code Advertising 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 Hi, robot: Half of all internet traffic now automated
    ㆍ 2025/04/17 Exploiting SMS: Threat Actors Use Social Engineering to Target Companies
    ㆍ 2025/04/17 6,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in Drag and Drop Multiple File Upload for WooCommerce WordPress Plugin

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1RCE 138 ▲ 131 (95%)
2Malware 61 ▲ 58 (95%)
3Report 39 ▲ new
4Exploit 38 ▲ 33 (87%)
5Update 37 ▲ 36 (97%)
6Vulnerability 37 ▲ 32 (86%)
7attack 35 ▲ 33 (94%)
8target 33 ▲ 30 (91%)
9Operation 29 ▲ 28 (97%)
10Campaign 27 ▲ 26 (96%)
11Remote 23 ▲ new
12United States 22 ▲ new
13Software 20 ▲ new
14Code 19 ▲ new
15Advertising 18 ▲ new
16intelligence 17 ▲ new
17Microsoft 17 ▲ 16 (94%)
18Victim 16 ▲ 15 (94%)
19China 14 ▲ new
20Windows 13 ▲ 10 (77%)
21Email 13 ▲ new
22Execution 13 ▲ new
23Government 12 ▲ new
24CISA 12 ▲ new
25Ransomware 11 ▲ new
26CVE 11 ▲ 8 (73%)
27Remote Code Execution 10 ▲ 3 (30%)
28Phishing 9 ▲ new
29CVSS 9 ▲ 7 (78%)
30Criminal 9 ▲ new
31ZeroDay 9 ▲ new
32Education 9 ▲ new
33MWNEWS 8 ▲ new
34Access 7 ▲ new
35Password 7 ▲ new
36hijack 7 ▲ new
37Linux 7 ▲ 6 (86%)
38GitHub 7 ▲ new
39Critical 7 ▲ 5 (71%)
40Alert 7 ▲ 6 (86%)
41Browser 6 ▲ new
42Supply chain 6 ▲ new
43MFA 6 ▲ new
44Takedown 6 ▲ new
45threat 6 ▲ 5 (83%)
46c&c 6 ▲ new
47VPN 6 ▲ new
48source 5 ▲ new
49Social Engineering 5 ▲ new
50Distribution 5 ▲ new
51Kaspersky 5 ▲ new
52Telegram 5 ▲ new
53GameoverP2P 5 ▲ new
54Palo 5 ▲ new
55Alto 5 ▲ new
56file 5 ▲ new
57Java 5 ▲ new
58apache 5 ▲ new
59Google 5 ▲ new
60ABB 5 ▲ new
61Cylon 5 ▲ new
62AI 5 ▲ new
63Cryptocurrency 5 ▲ new
64payment 5 ▲ new
65Sale 5 ▲ new
66DNS 5 ▲ 4 (80%)
67IoC 5 ▲ new
68Ivanti 4 ▲ new
69Palo Alto Networks 4 ▲ new
70Trojan 4 ▲ new
71Hijacking 4 ▲ new
72Command 4 ▲ new
73Android 4 ▲ new
74ChatGPT 4 ▲ new
75DarkWeb 4 ▲ new
76Cisco 4 ▲ 2 (50%)
77WooCommerce 4 ▲ new
78hacking 4 ▲ new
79Ucraina 4 ▲ new
80Flaw 4 ▲ 3 (75%)
81Russia 4 ▲ new
82Group 4 ▲ new
83Chinese 4 ▲ new
84Europe 4 ▲ new
85Backdoor 4 ▲ new
86Kubernetes 4 ▲ new
87ltpgt 3 ▲ new
88actor 3 ▲ new
89WordPress 3 ▲ new
90Program 3 ▲ new
91plugin 3 ▲ new
92Downloader 3 ▲ new
93href 3 ▲ new
94VirusTotal 3 ▲ new
95Zero Trust 3 ▲ new
96Vawtrak 3 ▲ new
97Networks 3 ▲ new
98dark 3 ▲ new
99NSA 3 ▲ new
100powershell 3 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
Ransomware
11 (36.7%)
GameoverP2P
5 (16.7%)
Trojan
4 (13.3%)
Vawtrak
3 (10%)
RATel
3 (10%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
RCE
138 (54.5%)
Exploit
38 (15%)
Campaign
27 (10.7%)
Remote Code Execution
10 (4%)
Phishing
9 (3.6%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
United States
22 (16.7%)
Microsoft
17 (12.9%)
China
14 (10.6%)
Government
12 (9.1%)
CISA
12 (9.1%)
Threat info
Last 5

SNS

(Total : 34)
  Total keyword

RCE Vulnerability Exploit attack CVE Remote Code Execution Update Report Ransomware ZeroDay DarkWeb target Victim Palo Alto Networks United States payment UK United Kingdom hacking China plugin Spain Windows RAT CVSS Supply chain powershell Attacker MacOS Microsoft Linux Cloudflare Malware Fortinet Ucraina DDoS Magento Android Telegram Gmail ...

No Title Date
1Virus Bulletin @virusbtn
Morphisec's Nadav Lorber analyses ResolverRAT, a newly identified remote access trojan that combines advanced in-memory execution, API and resource resolution at runtime, and layered evasion techniques. https://t.co/28xWuAshLw https://t.co/LRRISv1Zhg		2025.04.16
2Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer
???? Alleged 0day Exploit: Arbitrary File Upload in TinyMCE / CKEditor 5 A threat actor is allegedly offering a zero-day arbitrary file upload to RCE vulnerability affecting TinyMCE and CKEditor 5. ???? Not tied to any known CVE ???? Proof-of-Concept only available via escrow ???? https://t.co/Lzy		2025.04.15
3FalconFeeds.io @FalconFeedsio
???? DragonForce Ransomware Alert ???? DragonForce Ransomware has added 3 new victims to their dark web portal. - Pratt Homes ???????? - PryorMorrow ???????? - KraftKisarna AB ???????? https://t.co/RKgL4T4B0D		2025.04.15
4The Hacker News @TheHackersNews
???? Alert — A 9.0 CVSS flaw in Gladinet’s CentreStack also affects Triofox—both used for remote access. Attackers exploited it as a zero-day in March, hitting 7 orgs by April 11. ???? Root cause: Hardcoded crypto keys → enabled RCE via PowerShell + DLL sideloading ???? Read: https://t.co/w6EXAZH		2025.04.15
5MalwareHunterTeam @malwrhunterteam
Another source for the above "KBW2025.dmg" sample: https://docs.o-sn.com/ -> https://docs.o-sn.com/KBW2025.dmg		2025.04.15

News

(Total : 104)
  Total keyword

RCE Malware Report Update target Exploit attack Operation Vulnerability Campaign Attacker Software United States Advertising intelligence Microsoft Victim China Government Windows Email CISA Phishing Criminal Education CVSS Password hijack Ransomware GitHub c&c Takedown Linux CVE VPN Browser Java Supply chain Google Cryptocurrency MFA GameoverP2P Kaspersky Distribution IoC DNS Remote Code Execution ZeroDay Backdoor Russia Chinese Hijacking Social Engineering Europe Cisco Telegram Kubernetes ChatGPT Smishing VirusTotal Downloader Red Team Docker Vawtrak Android LinkedIn YouTube NSA Ucraina RATel payment Banking Chrome Zero Trust IoT Cryptographic key Cryptocurrency Miner Trojan plugin ...

No Title Date
1Hi, robot: Half of all internet traffic now automated - Malware.News2025.04.17
2Exploiting SMS: Threat Actors Use Social Engineering to Target Companies - Malware.News2025.04.17
36,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in Drag and Drop Multiple File Upload for WooCommerce WordPress Plugin - Malware.News2025.04.17
4Advanced KQL Deep Dive: User State Change Tracking - Malware.News2025.04.17
5Threat Intelligence Snapshot: Week 14, 2025 - Malware.News2025.04.16

Additional information

No data
No data
No data
No URL CC ASN Co Reporter Date
1http://blooming.s3.amazonaws.com/Ea7fbW98CyM5O
CoinMiner elf Ivanti RCE 		US USAMAZON-02abuse_ch2024.01.19
2http://shapefiles.fews.net.s3.amazonaws.com/g6cYGAxHt4JC1
CoinMiner elf Ivanti RCE 		US USabuse_ch2024.01.19
3http://archivevalley-media.s3.amazonaws.com/bbU5Yn3yayTtV
CoinMiner elf Ivanti RCE 		US USabuse_ch2024.01.19
4http://abode-dashboard-media.s3.ap-south-1.amazonaws.com/kaffMm40RNtkg
CoinMiner elf Ivanti RCE 		US USabuse_ch2024.01.19
5http://192.252.183.116:8089/u/123/100123/202401/sshd
CoinMiner Ivanti RCE 		US USBGPNET Global ASNabuse_ch2024.01.19
View only the last 5
Beta Service, If you select keyword, you can check detailed information.