Cyber Threat Trends

Summary: 2025/04/17 16:44

First reported date: 2011/01/31
Inquiry period : 2025/03/18 16:44 ~ 2025/04/17 16:44 (1 months), 19 search results

전 기간대비 -16% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Campaign Distribution Russia Browser Kimsuky 입니다.
악성코드 유형 Rhadamanthys Vawtrak 도 새롭게 확인됩니다.
공격기술 Malvertising DDoS hacking RCE 도 새롭게 확인됩니다.
기관 및 기업 Binance 도 새롭게 확인됩니다.
기타 Firefox EDR Low REFINERY abusech 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/16 Monthly Threat Actor Group Intelligence Report, February 2025 (ENG)
    ㆍ 2025/04/16 Threat actors misuse Node.js to deliver malware and other malicious payloads
    ㆍ 2025/04/11 러시아 해킹 그룹 '가마레돈', 우크라이나 내 서방 군사 목표 공격

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	VBScript	19	▼ -3 (-16%)
2	Malware	12	▼ -5 (-42%)
3	powershell	10	▼ -1 (-10%)
4	Campaign	10	▲ 1 (10%)
5	c&c	8	▼ -2 (-25%)
6	IoC	7	▼ -4 (-57%)
7	Microsoft	7	▼ -3 (-43%)
8	Report	6	▼ -6 (-100%)
9	Windows	6	▼ -3 (-50%)
10	Phishing	6	▼ -5 (-83%)
11	Distribution	6	▲ 1 (17%)
12	Russia	5	▲ 1 (20%)
13	United States	5	▼ -4 (-80%)
14	Advertising	5	- 0 (0%)
15	Victim	5	▼ -3 (-60%)
16	Browser	4	▲ 2 (50%)
17	Stealer	4	▼ -2 (-50%)
18	Kimsuky	4	▲ 3 (75%)
19	South Korea	4	▲ 1 (25%)
20	attack	4	- 0 (0%)
21	Update	4	▼ -2 (-50%)
22	North Korea	4	▲ 3 (75%)
23	target	4	▲ 1 (25%)
24	Rhadamanthys	3	▲ new
25	GameoverP2P	3	▼ -1 (-33%)
26	Vulnerability	3	▼ -8 (-267%)
27	Android	3	- 0 (0%)
28	Kaspersky	3	▼ -2 (-67%)
29	Social Engineering	3	▼ -1 (-33%)
30	Ucraina	3	- 0 (0%)
31	NetWireRC	3	▼ -5 (-167%)
32	Email	3	- 0 (0%)
33	Operation	3	- 0 (0%)
34	Japan	3	- 0 (0%)
35	DCRat	2	▲ 1 (50%)
36	Chrome	2	▲ 1 (50%)
37	LinkedIn	2	▼ -3 (-150%)
38	Twitter	2	▼ -3 (-150%)
39	WMI	2	▲ 1 (50%)
40	Software	2	▼ -1 (-50%)
41	Naver	2	▲ 1 (50%)
42	Java	2	▼ -4 (-200%)
43	VBS	2	▼ -2 (-100%)
44	Trojan	2	▲ 1 (50%)
45	Backdoor	2	- 0 (0%)
46	Telegram	2	▼ -1 (-50%)
47	China	2	▼ -2 (-100%)
48	Taiwan	2	▼ -1 (-50%)
49	Australia	2	- 0 (0%)
50	Germany	2	- 0 (0%)
51	Cryptocurrency	2	- 0 (0%)
52	Exploit	2	▼ -3 (-150%)
53	Firefox	2	▲ new
54	EDR	2	▲ new
55	Low	2	▲ new
56	REFINERY	2	▲ new
57	abusech	2	▲ new
58	Government	2	- 0 (0%)
59	Ransomware	2	▼ -2 (-100%)
60	Deobfuscation	2	▲ new
61	StegoCampaign	2	▲ new
62	BINARY	2	▲ new
63	Malvertising	1	▲ new
64	intelligen	1	▲ new
65	Malicious Traffic	1	▲ new
66	bbc	1	▲ new
67	nw	1	▲ new
68	YouTube	1	- 0 (0%)
69	GitHub	1	▼ -3 (-300%)
70	CVSS	1	▲ new
71	DDoS	1	▲ new
72	P	1	▲ new
73	payment	1	▲ new
74	braineecomau	1	▲ new
75	DDNS	1	▲ new
76	IcedID	1	▼ -1 (-100%)
77	Linux	1	▼ -2 (-200%)
78	Cloudflare	1	- 0 (0%)
79	Microsoft Edge	1	▼ -1 (-100%)
80	정보	1	▲ new
81	NortonLifeLock	1	▲ new
82	Tor	1	- 0 (0%)
83	파일	1	▲ new
84	Binance	1	▲ new
85	마레	1	▲ new
86	hacking	1	▲ new
87	Downloader	1	- 0 (0%)
88	공격	1	▲ new
89	httpstcowaThl	1	▲ new
90	그룹	1	▲ new
91	RCE	1	▲ new
92	JAMESWTWT	1	▲ new
93	Vawtrak	1	▲ new
94	6017257934	1	▲ new
95	SMB	1	- 0 (0%)
96	Pa	1	▲ new
97	XSS	1	- 0 (0%)
98	Remote Code Execution	1	▼ -1 (-100%)
99	DHLSADE	1	▲ new
100	RAR	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Rhadamanthys		3 (14.3%)
GameoverP2P		3 (14.3%)
NetWireRC		3 (14.3%)
DCRat		2 (9.5%)
Trojan		2 (9.5%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Kimsuky		4 (66.7%)
APT28		1 (16.7%)
MuddyWater		1 (16.7%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		10 (29.4%)
Phishing		6 (17.6%)
Stealer		4 (11.8%)
Social Engineering		3 (8.8%)
Backdoor		2 (5.9%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Microsoft		7 (14.3%)
Russia		5 (10.2%)
United States		5 (10.2%)
South Korea		4 (8.2%)
North Korea		4 (8.2%)

Threat info

Last 5

SNS

(Total : 7)

Total keyword

VBScript powershell Rhadamanthys Malware Attacker NetWireRC DCRat Ransomware IoC VBS

No	Title	Date
1	Yogesh Londhe @suyog41 DHL_SADE2_Draft_Documents_ref#6017257934.vbs bbc553df54fb0186458b3337a04e5f9f n/w brainee.com.au #IOC https://t.co/yTfesIegtG	2025.04.14
2	Szabolcs Schmidt @smica83 Low detected VBS @abuse_ch https://t.co/waThl17u5x @JAMESWT_WT https://t.co/A95Ay3kmJL	2025.04.13
3	Cyber_OSINT @Cyber_O51NT Acronis TRU reveals a sophisticated malware delivery chain involving a RAR file, a fake summons, and scripts to deploy DCRat & Rhadamanthys, highlighting how attackers bypass defenses using VBS, batch, and PowerShell. #cybersecurity #malware https://t.co/EXOAKH0CSU	2025.04.02
4	BleepingComputer @BleepinComputer A RAR file, a fake summons, and a Nietzsche quote—all part of a multi-stage malware chain delivering DCRat & Rhadamanthys. @Acronis TRU breaks down how attackers use VBS, batch, and PowerShell scripts to slip past defenses. ???? Full analysis: https://t.co/F9zbGabiRo	2025.04.01
5	Szabolcs Schmidt @smica83 Low detected 'curriculum_vitae_nouveau.vbs' from Morocco @abuse_ch https://t.co/iQvNmhMRH2 @JAMESWT_MHT	2025.03.28

News

(Total : 12)

Total keyword

VBScript Malware Campaign powershell c&c Microsoft Windows IoC Distribution Report Attacker Phishing Victim United States Russia Advertising Browser Stealer attack Kimsuky target Update North Korea South Korea Ucraina Android Vulnerability GameoverP2P Kaspersky Social Engineering Operation Japan Email Telegram Taiwan EDR Australia Germany WMI Backdoor Chrome Trojan Firefox Java China LinkedIn Twitter Government Cryptocurrency Naver Exploit Software Linux Vawtrak SMB XSS Microsoft Edge Remote Code Execution RCE Malicious Traffic Malvertising GitHub Binance IcedID Downloader CVSS Cloudflare Tor hacking YouTube DYEPACK DDoS Ransomware VBS 북한 Facebook Supply chain AsyncRAT NetWireRC APT28 MuddyWater Lumma Stealc ...

No	Title	Date
1	Monthly Threat Actor Group Intelligence Report, February 2025 (ENG) - Malware.News	2025.04.16
2	Threat actors misuse Node.js to deliver malware and other malicious payloads - Malware.News	2025.04.16
3	러시아 해킹 그룹 '가마레돈', 우크라이나 내 서방 군사 목표 공격 - 시큐리티팩트	2025.04.11
4	GOFFEE continues to attack organizations in Russia - Malware.News	2025.04.10
5	The April 2025 Security Update Review - Malware.News	2025.04.09

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	Monthly Threat Actor Group Intelligence Report, February 2025 (ENG) - Malware.News	2025.04.16
2	Monthly Threat Actor Group Intelligence Report, February 2025 (ENG) - Malware.News	2025.04.16
3	Threat actors misuse Node.js to deliver malware and other malicious payloads - Malware.News	2025.04.16
4	Threat actors misuse Node.js to deliver malware and other malicious payloads - Malware.News	2025.04.16
5	러시아 해킹 그룹 '가마레돈', 우크라이나 내 서방 군사 목표 공격 - 시큐리티팩트	2025.04.11
View only the last 5

No data

No	URL	CC	ASN Co	Reporter	Date
1	http://146.19.207.4/tiktok.txt vbscript	FR		Riordz	2025.02.15

Beta Service, If you select keyword, you can check detailed information.