Cyber Threat Trends

Summary: 2025/04/17 15:43

First reported date: 2012/12/19
Inquiry period : 2025/03/18 15:43 ~ 2025/04/17 15:43 (1 months), 93 search results

전 기간대비 15% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Ucraina target Russia Campaign Malware 입니다.
악성코드 유형 LockBit 도 새롭게 확인됩니다.
공격자 Gamaredon Shuckworm 도 새롭게 확인됩니다.
공격기술 Backdoor RCE Downloader 도 새롭게 확인됩니다.
기관 및 기업 Türkiye 도 새롭게 확인됩니다.
기타 mission NortonLifeLock Targets Western WRECKSTEEL 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 어나니머스, 러시아 해킹.. 국가 DB '전체 분량' 털렸다
    ㆍ 2025/04/16 CVE-2025-24054, NTLM Exploit in the Wild
    ㆍ 2025/04/16 Monthly Threat Actor Group Intelligence Report, February 2025 (ENG)

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Ucraina	93	▲ 14 (15%)
2	target	44	▲ 23 (52%)
3	Russia	36	▲ 10 (28%)
4	Campaign	32	▲ 20 (63%)
5	Malware	32	▲ 8 (25%)
6	Ukraine	30	▲ 3 (10%)
7	Kaspersky	29	▲ 4 (14%)
8	Report	26	▲ 10 (38%)
9	Phishing	22	▲ 17 (77%)
10	United States	20	▲ 4 (20%)
11	attack	19	▲ 6 (32%)
12	DDoS	15	▲ 1 (7%)
13	Alert	15	▲ 3 (20%)
14	United Kingdom	14	▲ 6 (43%)
15	Government	14	▲ 5 (36%)
16	NoName	13	▲ 10 (77%)
17	Victim	13	▲ 5 (38%)
18	China	13	▲ 9 (69%)
19	Update	12	▲ 11 (92%)
20	Gamaredon	11	▲ new
21	hacking	11	- 0 (0%)
22	Operation	11	▼ -4 (-36%)
23	Australia	9	▲ 5 (56%)
24	Germany	9	- 0 (0%)
25	powershell	9	▲ 8 (89%)
26	Telegram	9	▲ 2 (22%)
27	intelligence	9	▲ 2 (22%)
28	Remote Code Execution	8	▲ 3 (38%)
29	Vulnerability	8	▲ 2 (25%)
30	Microsoft	7	▲ 2 (29%)
31	Exploit	7	▲ 5 (71%)
32	Email	7	▲ 4 (57%)
33	Cloudflare	7	▲ 5 (71%)
34	Google	7	▲ 4 (57%)
35	Military	7	▲ 6 (86%)
36	Recorded Future	6	▲ 3 (50%)
37	c&c	6	▲ 1 (17%)
38	Europe	6	▼ -1 (-17%)
39	Japan	6	▲ 4 (67%)
40	Israel	6	▼ -2 (-33%)
41	multiple	6	▲ 3 (50%)
42	Russian	6	▲ 3 (50%)
43	Shuckworm	6	▲ new
44	Remcos	6	▲ 5 (83%)
45	Ransomware	6	▼ -6 (-100%)
46	Twitter	6	▲ 1 (17%)
47	Alliance	5	▼ -1 (-20%)
48	Backdoor	5	▲ new
49	Hacktivist	5	▼ -2 (-40%)
50	South Korea	5	▲ 3 (60%)
51	CERTUA	5	▲ 2 (40%)
52	Italy	5	▼ -5 (-100%)
53	Software	5	▲ 3 (60%)
54	mission	5	▲ new
55	RAT	5	▲ 2 (40%)
56	NortonLifeLock	5	▲ new
57	Advertising	4	▲ 1 (25%)
58	North Korea	4	▲ 1 (25%)
59	IoC	4	▲ 1 (25%)
60	securityaffairs	4	▲ 1 (25%)
61	Criminal	4	▼ -8 (-200%)
62	ZeroDay	4	▲ 3 (75%)
63	DarkWeb	4	- 0 (0%)
64	Distribution	4	▼ -2 (-50%)
65	NetWireRC	4	▼ -2 (-50%)
66	France	4	▼ -5 (-125%)
67	Cisco	4	▲ 3 (75%)
68	Targets	4	▲ new
69	Western	4	▲ new
70	Spain	4	▲ 1 (25%)
71	RCE	4	▲ new
72	Canada	4	▲ 2 (50%)
73	CISA	3	- 0 (0%)
74	India	3	▼ -6 (-200%)
75	Downloader	3	▲ new
76	Windows	3	- 0 (0%)
77	WRECKSTEEL	3	▲ new
78	GitHub	3	▲ 2 (67%)
79	Future	3	▲ 2 (67%)
80	amp	3	▲ new
81	Taiwan	3	▲ 1 (33%)
82	Türkiye	3	▲ new
83	VBScript	3	- 0 (0%)
84	Defense	3	▲ new
85	Recorded	3	▲ 2 (67%)
86	Record	3	▲ 1 (33%)
87	Stealer	3	▲ 1 (33%)
88	Check Point	3	▼ -1 (-33%)
89	Foreign	3	▲ 1 (33%)
90	NATO	3	▲ 2 (67%)
91	Ukrainian	3	▲ 2 (67%)
92	arrest	3	- 0 (0%)
93	Android	3	- 0 (0%)
94	Insurance	2	▲ new
95	있다	2	▲ new
96	MWNEWS	2	▲ 1 (50%)
97	LockBit	2	▲ new
98	Putin	2	▲ new
99	WhatsApp	2	▲ new
100	Cryptocurrency	2	▼ -3 (-150%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Remcos		6 (20.7%)
Ransomware		6 (20.7%)
RAT		5 (17.2%)
NetWireRC		4 (13.8%)
LockBit		2 (6.9%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Gamaredon		11 (57.9%)
Shuckworm		6 (31.6%)
Anonymous		2 (10.5%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		32 (27.8%)
Phishing		22 (19.1%)
DDoS		15 (13%)
hacking		11 (9.6%)
Remote Code Execution		8 (7%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Ucraina		93 (25.3%)
Russia		36 (9.8%)
Ukraine		30 (8.2%)
Kaspersky		29 (7.9%)
United States		20 (5.4%)

Threat info

Last 5

SNS

(Total : 51)

Total keyword

Ucraina target Ukraine DDoS Russia Kaspersky Campaign Gamaredon attack Phishing Israel Malware United Kingdom Remcos hacking Report Shuckworm Cloudflare Spain RAT Recorded Future powershell APT India Symantec Google Government Criminal Operation RCE Distribution UN Spear Phishing ...

No	Title	Date
1	Microsoft Threat Intelligence @MsftSecIntel @sherrod_im Star Blizzard sent their targets spear-phishing messages that included a quick response (QR) code purporting to direct users to join a WhatsApp group on “the latest non-governmental initiatives aimed at supporting Ukraine NGOs.”	2025.04.16
2	FalconFeeds.io @FalconFeedsio ???? DDoS Alert ???? Al Ahad claims to have targeted multiple websites in Ukraine. -Kyiv Sikorsky International Airport (Zhuliany) -Odesa International Airport -Kharkiv International Airport -Dnipro International Airport https://t.co/dNtpaHChAF	2025.04.15
3	MalwareHunterTeam @malwrhunterteam @h4rmsw4yX Sorry, I not have much access (nor think I ever will as it would be too damaging for some it seems... ????‍♂️) to do limitless testings, so can't really tell. Maybe just start from all .hta files seen from Ukraine and if that gives too much FPs, try to filter more based on what easily	2025.04.15
4	MalwareHunterTeam @malwrhunterteam The SSL cert for the ms-coauth.com domain that has the next stage has been given by "Google Trust Services"... ???????????? Google as a trash criminal gang is surely proud of that they are supporting actors doing targeting in Ukraine, especially if it's a Russian APT, right? ????‍♂️ https://t.co/GF9	2025.04.15
5	MalwareHunterTeam @malwrhunterteam "728-3512-19.rar": ad906427ef88f5d55b9ff8d363b6c3bdb34aaef2b1b980f3950e424370893cff -> "728-3512-19.hta": 44cb60c9bb448b33549b2002a84fd56483bbb17fab3f1d861a7f4256a063bbb5 ms-coauth.com Supposedly Russian APT targeting in Ukraine, but for me this is more boring ???? shit than https://t.co/bNUPYndQ	2025.04.15

News

(Total : 42)

Total keyword

Ucraina Malware Russia Campaign Report United States Kaspersky target Phishing China Victim attack Government Update Operation Australia intelligence United Kingdom Attacker Telegram Germany Vulnerability Remote Code Execution Exploit Microsoft hacking Email Japan Europe Twitter Ukraine Ransomware powershell c&c Software Italy South Korea Google IoC ZeroDay Advertising DarkWeb Gamaredon North Korea Backdoor Distribution Windows arrest NetWireRC Cloudflare GitHub RCE NATO Canada Cisco Taiwan Türkiye VBScript CISA Recorded Future France Check Point Android Anonymous Clop Tor YouTube Shuckworm DDoS Education Criminal LockBit Cryptocurrency Malicious Traffic Africa Stealer payment HyperSSL Downloader Social Engineering Remcos MFA GameoverP2P RAT DNS FBI ...

No	Title	Date
1	어나니머스, 러시아 해킹.. 국가 DB '전체 분량' 털렸다 - 시큐리티팩트	2025.04.17
2	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
3	Monthly Threat Actor Group Intelligence Report, February 2025 (ENG) - Malware.News	2025.04.16
4	NATO, 팔란티어 'AI 방위 플랫폼' 공식 채택 - 시큐리티팩트	2025.04.16
5	K-방산, 1분기 실적 전년 대비 상승폭 키워 - 시큐리티팩트	2025.04.15

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
2	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
3	CVE-2025-24054, NTLM Exploit in the Wild - Malware.News	2025.04.16
4	Monthly Threat Actor Group Intelligence Report, February 2025 (ENG) - Malware.News	2025.04.16
5	Monthly Threat Actor Group Intelligence Report, February 2025 (ENG) - Malware.News	2025.04.16
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.