Cyber Threat Trends

Summary: 2025/04/17 15:58

First reported date: 2008/06/10
Inquiry period : 2025/03/18 15:58 ~ 2025/04/17 15:58 (1 months), 579 search results

전 기간대비 -2% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Malware attack Report United States target 입니다.
악성코드 유형 RedCurl 도 새롭게 확인됩니다.
공격기술 RCE 도 새롭게 확인됩니다.
기타 April BlackLock Locker IP 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 Interlock ransomware evolves tactics with ClickFix, infostealers
    ㆍ 2025/04/17 Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S
    ㆍ 2025/04/16 Threat Intelligence Snapshot: Week 15, 2025

참고로 동일한 그룹의 악성코드 타입은 WannaCry Sodinokibi Phobos 등 78개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Ransomware	579	▼ -9 (-2%)
2	Victim	254	▼ -32 (-13%)
3	Alert	191	- 0 (0%)
4	Malware	138	▲ 2 (1%)
5	attack	116	▲ 4 (3%)
6	Report	109	▲ 11 (10%)
7	DarkWeb	82	▼ -27 (-33%)
8	United States	76	▲ 2 (3%)
9	group	73	▼ -20 (-27%)
10	target	65	▲ 16 (25%)
11	Exploit	62	▲ 1 (2%)
12	Update	59	- 0 (0%)
13	Campaign	48	▲ 10 (21%)
14	Operation	45	- 0 (0%)
15	Criminal	40	▼ -7 (-18%)
16	Vulnerability	40	▼ -3 (-8%)
17	Akira	36	▼ -4 (-11%)
18	Windows	36	▲ 7 (19%)
19	Software	36	▲ 8 (22%)
20	MWNEWS	33	▲ 12 (36%)
21	Remote Code Execution	33	▼ -6 (-18%)
22	Phishing	32	▼ -6 (-19%)
23	Microsoft	30	▲ 1 (3%)
24	hacking	29	▲ 3 (10%)
25	intelligence	29	▼ -13 (-45%)
26	Kaspersky	26	▼ -5 (-19%)
27	ZeroDay	24	▲ 7 (29%)
28	Education	23	▼ -2 (-9%)
29	Email	22	▼ -3 (-14%)
30	Inc	22	▲ 1 (5%)
31	Advertising	22	▼ -2 (-9%)
32	threat	20	▲ 1 (5%)
33	Russia	19	▼ -12 (-63%)
34	Government	19	▼ -8 (-42%)
35	Clop	19	▲ 3 (16%)
36	LockBit	18	▼ -4 (-22%)
37	Qilin	18	▼ -7 (-39%)
38	China	18	▲ 5 (28%)
39	Distribution	17	▲ 6 (35%)
40	RANSOM	16	▼ -3 (-19%)
41	RaaS	15	▲ 8 (53%)
42	Medusa	14	▼ -3 (-21%)
43	RansomHub	14	▼ -16 (-114%)
44	Dark	14	▲ 7 (50%)
45	c&c	13	- 0 (0%)
46	March	12	▲ 4 (33%)
47	EDR	12	▲ 1 (8%)
48	CISA	12	▲ 1 (8%)
49	RCE	12	▲ new
50	amp	12	▲ 6 (50%)
51	ESET	12	▲ 9 (75%)
52	MFA	11	▼ -4 (-36%)
53	Rhysida	11	▲ 4 (36%)
54	April	11	▲ new
55	DragonForce	11	▲ 4 (36%)
56	Google	11	▲ 2 (18%)
57	United Kingdom	11	▲ 5 (45%)
58	NortonLifeLock	10	▲ 1 (10%)
59	ThreatProtection	10	▲ 3 (30%)
60	웨어	10	▲ 6 (60%)
61	Backdoor	10	▲ 1 (10%)
62	DYEPACK	10	▲ 4 (40%)
63	Lynx	10	▼ -10 (-100%)
64	Black Basta	10	▼ -33 (-330%)
65	Linux	10	▼ -3 (-30%)
66	Play	10	▲ 3 (30%)
67	Stealer	10	▼ -12 (-120%)
68	랜섬	10	▲ 6 (60%)
69	Sarcoma	10	▲ 9 (90%)
70	South Korea	9	▲ 4 (44%)
71	Kill Security	9	▲ 4 (44%)
72	Rhysida Ransomware	9	▲ 2 (22%)
73	gang	9	▲ 2 (22%)
74	Hunters International	9	▲ 2 (22%)
75	Has	9	▼ -16 (-178%)
76	Recorded Future	9	▲ 5 (56%)
77	Cryptocurrency	9	▼ -7 (-78%)
78	Password	9	▼ -3 (-33%)
79	International	8	- 0 (0%)
80	domain	8	▲ 7 (88%)
81	RATel	8	▲ 5 (63%)
82	Australia	8	▼ -3 (-38%)
83	IoC	8	▼ -12 (-150%)
84	BlackSuit	8	▲ 6 (75%)
85	India	8	▲ 1 (13%)
86	Germany	8	▼ -3 (-38%)
87	Telegram	8	▼ -7 (-88%)
88	Europe	8	▼ -5 (-63%)
89	GameoverP2P	7	- 0 (0%)
90	RedCurl	7	▲ new
91	Browser	7	- 0 (0%)
92	BlackLock	7	▲ new
93	LinkedIn	7	▲ 2 (29%)
94	Locker	7	▲ new
95	공격	7	▲ 5 (71%)
96	breach	7	▲ 4 (57%)
97	Kill	7	▲ 3 (43%)
98	Java	7	▲ 4 (57%)
99	IP	7	▲ new
100	Spain	7	▲ 4 (57%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		579 (77.1%)
Akira		36 (4.8%)
Clop		19 (2.5%)
LockBit		18 (2.4%)
Rhysida		11 (1.5%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Kill Security		9 (50%)
Hunters International		9 (50%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		62 (24.4%)
Campaign		48 (18.9%)
Remote Code Execution		33 (13%)
Phishing		32 (12.6%)
hacking		29 (11.4%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
United States		76 (23.1%)
Microsoft		30 (9.1%)
Kaspersky		26 (7.9%)
Russia		19 (5.8%)
Government		19 (5.8%)

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 392)

Total keyword

Ransomware Victim DarkWeb Attack Akira United States target Report Exploit Update Remote Code Execution LockBit Malware hacking Criminal Rhysida Rhysida Ransomware Software Kill Security Windows Clop Operation Distribution Education Government Hunters International BlackSuit Canada Kaspersky Germany India Microsoft RCE BianLian Taiwan ZeroDay Deface RedCurl South Korea CL0P Europe Australia ...

No	Title	Date
1	FalconFeeds.io @FalconFeedsio ???? SAFEPAY Ransomware Alert ???? SAFEPAY Ransomware has added 12 new victims to their dark web portal. Stadt Heilbronn ???????? Kellermann & Engelhardt ITEC GmbH ???????? Heinrich + Steinhardt GmbH ???????? Helix Tool ???????? Hurst + Schröder GmbH ???????? Extreme Fire Solutions ???????? FR	2025.04.17
2	FalconFeeds.io @FalconFeedsio DragonForce Ransomware Alert ???? DragonForce Ransomware has added 2 new victims to their dark web portal. - City of Grove ???????? - Iris ID Systems Inc ???????? https://t.co/6oNwEntZcH	2025.04.17
3	FalconFeeds.io @FalconFeedsio ???? MEDUDA Ransomware Alert ???? Lithium Americas Corp. ???????? ???? Lithium Americas Corp. engages in the exploration and development of lithium properties in the United States and Canada, has fallen victim to MEDUSA ransomware. ???? Key Details: ???? Threat Actor: MEDUSA ????Published date ht	2025.04.17
4	FalconFeeds.io @FalconFeedsio ???? Ransomware Alert: A-1 Freeman Moving Group(a-1 https://t.co/AOFnRsiknk), a leading U.S. provider of comprehensive moving, relocation, logistics, warehousing, and transportation services for individuals, businesses, governments, and military clients nationwide, based in USA, https://t.co/YtW95F	2025.04.16
5	FalconFeeds.io @FalconFeedsio ???? Ransomware Alert ???? Setpoint Systems Corporation ???????? ???? Setpoint Systems Corporation is a lean automation integration firm providing engineering, design, build, and controls experts for turn key custom automated solutions using the Toyota Production System (TPS) methodology https://t	2025.04.16

News

(Total : 187)

Total keyword

Ransomware Malware Report attack United States Campaign Exploit Update Victim Vulnerability Attacker Operation target Phishing Criminal intelligence Windows Software Microsoft Kaspersky Email ZeroDay Advertising hacking Remote Code Execution Russia DarkWeb China Education c&c Government RaaS Clop Google ESET EDR CISA Stealer MFA DYEPACK United Kingdom Linux Backdoor Distribution Cryptocurrency Password Black Basta IoC Social Engineering LinkedIn Browser RCE Java RATel NetWireRC Trojan Check Point Takedown VPN Ucraina Recorded Future LockBit Android GameoverP2P Telegram DDoS South Korea VMware Cisco Lumma CVSS Chrome Trend Micro Twitter Supply chain Europe Australia MacOS Zero Trust Police Japan RSA Conference ...

No	Title	Date
1	Interlock ransomware evolves tactics with ClickFix, infostealers - Malware.News	2025.04.17
2	Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S - Malware.News	2025.04.17
3	Threat Intelligence Snapshot: Week 15, 2025 - Malware.News	2025.04.16
4	Cyber Signals Issue 9 \| AI-powered deception: Emerging fraud threats and countermeasures - Malware.News	2025.04.16
5	Streamlining detection engineering in security operation centers - Malware.News	2025.04.16

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S - Malware.News	2025.04.17
2	Threat Intelligence Snapshot: Week 15, 2025 - Malware.News	2025.04.16
3	Cyber Signals Issue 9 \| AI-powered deception: Emerging fraud threats and countermeasures - Malware.News	2025.04.16
4	Cyber Signals Issue 9 \| AI-powered deception: Emerging fraud threats and countermeasures - Malware.News	2025.04.16
5	Cyber Signals Issue 9 \| AI-powered deception: Emerging fraud threats and countermeasures - Malware.News	2025.04.16
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	hello.exe Ransomware Malicious Library .NET EXE PE32 PE File	69d1c11ae24884ea55ab39787853ad0c	55331	2024.11.13

Level	Description
danger	File has been identified by 58 AntiVirus engines on VirusTotal as malicious
notice	Allocates read-write-execute memory (usually to unpack itself)
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	Collects information to fingerprint the system (MachineGuid
info	The executable contains unknown PE section names indicative of a packer (could be a false positive)

No data

No	URL	CC	ASN Co	Reporter	Date
1	https://hilarious-trifle-d9182e.netlify.app/lootsubmit.ps1 fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
2	https://hilarious-trifle-d9182e.netlify.app/cwiper.exe fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
3	https://hilarious-trifle-d9182e.netlify.app/Pay fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
4	https://hilarious-trifle-d9182e.netlify.app/stage1.ps1 fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
5	https://hilarious-trifle-d9182e.netlify.app/Pay%20Adjustment.zip fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
View only the last 5

Beta Service, If you select keyword, you can check detailed information.