Cyber Threat Trends

Summary: 2025/04/19 12:31

First reported date: 2009/08/05
Inquiry period : 2025/03/20 12:31 ~ 2025/04/19 12:31 (1 months), 114 search results

전 기간대비 25% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Browser Malware Update Windows Chrome 입니다.
악성코드 유형 Black Basta 도 새롭게 확인됩니다.
공격기술 RCE 도 새롭게 확인됩니다.
기타 sophisticated SMB Anonymisierendes traffic Bug 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/18 Dark Web Market: STYX Market
    ㆍ 2025/04/18 Care what you share
    ㆍ 2025/04/17 Hi, robot: Half of all internet traffic now automated

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Browser	114	▲ 28 (25%)
2	Malware	57	▲ 5 (9%)
3	Update	43	▲ 13 (30%)
4	Windows	35	▲ 16 (46%)
5	Chrome	35	▲ 21 (60%)
6	attack	34	▲ 9 (26%)
7	Google	34	▲ 12 (35%)
8	target	33	▲ 11 (33%)
9	Campaign	31	▲ 4 (13%)
10	Exploit	27	▲ 6 (22%)
11	Report	27	▼ -3 (-11%)
12	Email	24	▲ 4 (17%)
13	Phishing	24	▲ 3 (13%)
14	Microsoft	23	▲ 6 (26%)
15	Advertising	23	▲ 1 (4%)
16	Software	23	▲ 4 (17%)
17	Victim	20	▲ 1 (5%)
18	Vulnerability	19	▲ 5 (26%)
19	Criminal	18	▼ -2 (-11%)
20	Stealer	18	- 0 (0%)
21	United States	15	▼ -5 (-33%)
22	Operation	15	▲ 7 (47%)
23	Remote Code Execution	14	▼ -5 (-36%)
24	ZeroDay	13	▲ 11 (85%)
25	Password	13	▲ 5 (38%)
26	Firefox	12	▼ -3 (-25%)
27	powershell	12	▲ 6 (50%)
28	IoC	12	▼ -3 (-25%)
29	Kaspersky	12	▲ 1 (8%)
30	intelligence	11	- 0 (0%)
31	Trojan	11	▲ 1 (9%)
32	c&c	11	▼ -1 (-9%)
33	Russia	10	▼ -1 (-10%)
34	threat	10	▲ 6 (60%)
35	Distribution	9	▲ 3 (33%)
36	Microsoft Edge	9	▲ 3 (33%)
37	Ransomware	9	▲ 1 (11%)
38	ChatGPT	8	▲ 6 (75%)
39	Java	8	▲ 1 (13%)
40	RCE	8	▲ new
41	Edge	8	▲ 7 (88%)
42	Cryptocurrency	8	▼ -2 (-25%)
43	Linux	7	▲ 1 (14%)
44	Android	7	▼ -4 (-57%)
45	GameoverP2P	7	▲ 1 (14%)
46	MFA	7	▼ -3 (-43%)
47	GitHub	7	▲ 1 (14%)
48	China	6	- 0 (0%)
49	Social Engineering	6	▼ -1 (-17%)
50	Government	6	▼ -8 (-133%)
51	Apple	6	▼ -4 (-67%)
52	Takedown	6	▲ 2 (33%)
53	Tor	6	▲ 5 (83%)
54	payment	6	▲ 2 (33%)
55	hijack	6	▲ 2 (33%)
56	Education	5	▼ -6 (-120%)
57	Lumma	5	▼ -2 (-40%)
58	NetWireRC	5	▼ -7 (-140%)
59	WhatsApp	5	▲ 3 (60%)
60	VPN	5	▼ -2 (-40%)
61	MWNEWS	5	▲ 4 (80%)
62	RAT	5	▼ -2 (-40%)
63	DarkWeb	4	▲ 2 (50%)
64	VBScript	4	▲ 2 (50%)
65	Banking	4	▼ -4 (-100%)
66	RATel	4	▲ 3 (75%)
67	sophisticated	4	▲ new
68	mozilla	4	▲ 1 (25%)
69	LinkedIn	4	▼ -2 (-50%)
70	protection	4	▲ 2 (50%)
71	Telegram	4	▼ -1 (-25%)
72	SMB	4	▲ new
73	Tick	4	▲ 2 (50%)
74	account	4	▲ 3 (75%)
75	Opera	3	▲ 1 (33%)
76	fingerprint	3	▲ 2 (67%)
77	Black Basta	3	▲ new
78	Anonymisierendes	3	▲ new
79	MacOS	3	▼ -4 (-133%)
80	traffic	3	▲ new
81	Stealc	3	▲ 2 (67%)
82	NortonLifeLock	3	- 0 (0%)
83	DYEPACK	3	- 0 (0%)
84	Bug	3	▲ new
85	Safari	3	▼ -3 (-100%)
86	access	3	▲ 2 (67%)
87	unknown	3	▲ new
88	googlechrome	3	▲ new
89	Twitter	3	▼ -6 (-200%)
90	Vawtrak	3	▲ 2 (67%)
91	amp	3	▲ 1 (33%)
92	fake	3	▲ 1 (33%)
93	web	3	▼ -2 (-67%)
94	VirusTotal	3	▼ -2 (-67%)
95	Cloudflare	3	▲ 1 (33%)
96	AI	3	▲ 2 (67%)
97	Endpoint	3	▲ 1 (33%)
98	IPS	3	▲ 1 (33%)
99	Symantec	3	▲ 1 (33%)
100	ThreatProtection	3	- 0 (0%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Trojan		11 (19.3%)
Ransomware		9 (15.8%)
GameoverP2P		7 (12.3%)
Lumma		5 (8.8%)
NetWireRC		5 (8.8%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Tick		4 (66.7%)
Kimsuky		2 (33.3%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		31 (22%)
Exploit		27 (19.1%)
Phishing		24 (17%)
Stealer		18 (12.8%)
Remote Code Execution		14 (9.9%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Google		34 (24.8%)
Microsoft		23 (16.8%)
United States		15 (10.9%)
Kaspersky		12 (8.8%)
Russia		10 (7.3%)

Threat info

Last 5

SNS

(Total : 33)

Total keyword

Browser Chrome target Google attack Update Malware Windows Campaign Email Apple ZeroDay Takedown Stealer Symantec Exploit Vulnerability Tor Firefox Phishing powershell Password Safari MacOS RAT IoC Fortinet Government Cloudflare Report GitHub Police plugin Proofpoint dlp Kaspersky Russia WhatsApp India ...

No	Title	Date
1	Proofpoint @proofpoint Proofpoint human-centric information protection delivers proactive #datalossprevention and #insiderrisk management across all the modern channels people work—email, endpoint, cloud and browsers. Learn more at https://t.co/I7L48yJ9Zr. #infosec #DLP	2025.04.18
2	Threat Insight @threatinsight UNK_RemoteRogue (Russia): In Dec 2024, a targeted campaign used compromised infrastructure to send emails to people linked to a defense industry manufacturer. The emails contained directions in Russian to copy malicious PowerShell code from the browser to their terminal. https://t.co/8c7S1wTplG	2025.04.17
3	Microsoft Threat Intelligence @MsftSecIntel @sherrod_im However, the QR code is used by WhatsApp to connect an account to a linked device and/or the WhatsApp Web portal. If the target follows the instructions on the page, the threat actor could gain access to messages in their WhatsApp account & exfiltrate data using browser plugins.	2025.04.16
4	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????Tor Browser 14.5 has been released! Update!???? https://t.co/eKBLwkcgFp	2025.04.16
5	Yogesh Londhe @suyog41 Banshee Stealer Safari_Browser_2.45.dmg 1d96e46f60f297e1e520af4ec7d0e895 olaiokejk-oikeja 37127f6ea5453f025b1727f565107545 #Banshee #Stealer #MAC #IOC https://t.co/rphCN7rNsh	2025.04.15

News

(Total : 81)

Total keyword

Browser Malware Update Windows attack Google Campaign Chrome target Report Attacker Exploit Microsoft Software Advertising Phishing Email Victim Criminal Vulnerability United States Operation Stealer Remote Code Execution Trojan c&c intelligence Password Kaspersky ZeroDay powershell IoC Firefox Ransomware Distribution Russia Microsoft Edge Java ChatGPT Cryptocurrency RCE Linux Android GameoverP2P MFA Social Engineering China payment GitHub Education Government hijack Lumma Telegram WhatsApp Banking Tick RATel LinkedIn VBScript NetWireRC SMB VPN DarkWeb RAT Opera Twitter VirusTotal Apple DDoS Tor DYEPACK Black Basta Takedown Vawtrak Naver South Korea MalSpam Supply chain Kimsuky Cloudflare iPhone YouTube IcedID Booking Malvertising Germany ...

No	Title	Date
1	Dark Web Market: STYX Market - Malware.News	2025.04.18
2	Care what you share - Malware.News	2025.04.18
3	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
4	IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 18h : 7 posts - IT Sicherheitsnews	2025.04.17
5	Exploiting SMS: Threat Actors Use Social Engineering to Target Companies - Malware.News	2025.04.17

Additional information

No	Title	Date
1	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
2	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
5	Text scams grow to steal hundreds of millions of dollars - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	Dark Web Market: STYX Market - Malware.News	2025.04.18
2	Dark Web Market: STYX Market - Malware.News	2025.04.18
3	Care what you share - Malware.News	2025.04.18
4	Care what you share - Malware.News	2025.04.18
5	Care what you share - Malware.News	2025.04.18
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	1 Podgląd wpisu po zmianie _ C... Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection BitCoin Internet API persistenc	0b0afec69e7d62568ab3bfdadc92c631	59177	2025.04.18
2	1 Podgląd wpisu po zmianie _ C... Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection BitCoin Internet API persistenc	0b0afec69e7d62568ab3bfdadc92c631	59174	2025.04.18
3	remcos_a.exe Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Malicious Packer UPX Create Service Socket Escalate priviledges PWS Sniff Audio DNS Interne	e3aecc3188eac24edb8e34f5044b3a6a	58998	2025.04.14
4	pdf.ps1 Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library .NET framework(MSIL) Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Inte	642647cf863119977d7bd52e848e0cfe	58395	2025.03.31
5	kent.ps1 Client SW User Data Stealer Backdoor RemcosRAT Formbook browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library Confuser .NET Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Co	432719ce1459add67ebe4c01b47310f2	58059	2025.03.13
View only the last 5

Level	Description
watch	Found URLs in memory pointing to an IP address rather than a domain (potentially indicative of Command & Control traffic)
watch	One or more non-whitelisted processes were created
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	An application raised an exception which may be indicative of an exploit crash
notice	Potentially malicious URLs were found in the process memory dump
notice	Steals private information from local Internet browsers
notice	Terminates another process
notice	Yara rule detected in process memory
info	Checks if process is being debugged by a debugger
info	One or more processes crashed
info	Tries to locate where the browsers are installed

No data

Beta Service, If you select keyword, you can check detailed information.