Cyber Threat Trends

Summary: 2025/04/17 13:12

First reported date: 2011/04/26
Inquiry period : 2025/04/10 13:12 ~ 2025/04/17 13:12 (7 days), 15 search results

전 기간대비 -7% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Google Malware Browser United States Phishing 입니다.
악성코드 유형 RATel EnvyScout GraphicalNeutrino 도 새롭게 확인됩니다.
공격자 APT29 도 새롭게 확인됩니다.
공격기술 RCE hijack Smishing 도 새롭게 확인됩니다.
기관 및 기업 Russia 구글 Okta Check Point Iran Canada Australia VirusTotal 도 새롭게 확인됩니다.
기타 Report Android Sicherheitslücke kritische Safari 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 Hi, robot: Half of all internet traffic now automated
    ㆍ 2025/04/17 IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 18h : 7 posts
    ㆍ 2025/04/17 Advanced KQL Deep Dive: User State Change Tracking

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Chrome	15	▼ -1 (-7%)
2	Google	9	▲ 2 (22%)
3	Malware	8	▲ 3 (38%)
4	Browser	7	▲ 2 (29%)
5	Update	4	▼ -2 (-50%)
6	Windows	4	- 0 (0%)
7	Exploit	3	▼ -1 (-33%)
8	target	3	▼ -1 (-33%)
9	Campaign	3	- 0 (0%)
10	United States	3	▲ 2 (67%)
11	Phishing	3	▲ 1 (33%)
12	Report	3	▲ new
13	Kaspersky	2	▲ 1 (50%)
14	India	2	▲ 1 (50%)
15	intelligence	2	▲ 1 (50%)
16	Android	2	▲ new
17	Firefox	2	▼ -1 (-50%)
18	Microsoft	2	▼ -3 (-150%)
19	Russia	2	▲ new
20	Victim	2	- 0 (0%)
21	RCE	2	▲ new
22	Criminal	2	▲ 1 (50%)
23	hijack	2	▲ new
24	Sicherheitslücke	2	▲ new
25	kritische	2	▲ new
26	Email	2	- 0 (0%)
27	Safari	2	▲ new
28	advisory	1	- 0 (0%)
29	MWNEWS	1	▲ new
30	taegliche	1	▲ new
31	Sicherheitsnews	1	▲ new
32	Vulnerability	1	- 0 (0%)
33	Artikel	1	- 0 (0%)
34	Schwachstellen	1	▼ -3 (-300%)
35	Mehrere	1	▼ -3 (-300%)
36	개인정보	1	▲ new
37	Zusammenfassung	1	▲ new
38	브라우저	1	▲ new
39	크롬	1	▲ new
40	구글	1	▲ new
41	Ba	1	▲ new
42	Government	1	▼ -1 (-100%)
43	Advertising	1	▼ -2 (-200%)
44	기록	1	▲ new
45	payment	1	- 0 (0%)
46	last	1	▲ new
47	application	1	▲ new
48	operator	1	▲ new
49	step	1	▲ new
50	user	1	▲ new
51	Okta	1	▲ new
52	RATel	1	▲ new
53	MFA	1	- 0 (0%)
54	ChatGPT	1	▲ new
55	abgedichtet	1	▲ new
56	Webbrowser	1	▲ new
57	human	1	▲ new
58	dichtet	1	▲ new
59	bot	1	▲ new
60	web	1	▲ new
61	traffic	1	▲ new
62	Password	1	- 0 (0%)
63	EnvyScout	1	▲ new
64	Router	1	▲ new
65	attack	1	▼ -1 (-100%)
66	Software	1	▼ -1 (-100%)
67	Education	1	▼ -1 (-100%)
68	Microsoft Edge	1	▼ -2 (-200%)
69	SideWinder	1	▲ new
70	Check Point	1	▲ new
71	Apple	1	▼ -1 (-100%)
72	history	1	- 0 (0%)
73	Chromebooks	1	▲ new
74	Lenovo	1	▲ new
75	httpstcoy	1	▲ new
76	BadBazaar	1	▲ new
77	threat	1	▲ new
78	SpyNote	1	▲ new
79	RC	1	▲ new
80	WhatsApp	1	▲ new
81	Instagram	1	▲ new
82	risk	1	▲ new
83	Facebook	1	▲ new
84	arrest	1	- 0 (0%)
85	Smishing	1	▲ new
86	Iran	1	▲ new
87	Canada	1	▲ new
88	Australia	1	▲ new
89	China	1	- 0 (0%)
90	North Korea	1	- 0 (0%)
91	Telegram	1	▲ new
92	privacy	1	▲ new
93	From	1	▲ new
94	GraphicalNeutrino	1	▲ new
95	Trojan	1	- 0 (0%)
96	VMware	1	▲ new
97	c&c	1	▼ -2 (-200%)
98	IoC	1	▼ -1 (-100%)
99	VirusTotal	1	▲ new
100	APT29	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
RATel		1 (20%)
EnvyScout		1 (20%)
GraphicalNeutrino		1 (20%)
NetWireRC		1 (20%)
AsyncRAT		1 (20%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
APT29		1 (50%)
SideCopy		1 (50%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		3 (21.4%)
Campaign		3 (21.4%)
Phishing		3 (21.4%)
RCE		2 (14.3%)
hijack		2 (14.3%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Google		9 (29%)
United States		3 (9.7%)
Kaspersky		2 (6.5%)
India		2 (6.5%)
Microsoft		2 (6.5%)

Threat info

Last 5

SNS

(Total : 3)

Total keyword

Chrome Browser Update

No	Title	Date
1	MalwareHunterTeam @malwrhunterteam "Chrome.apk": 47fb7c6c96b036ce50b6dca26157f6ac4d7b40c1059114b6b7d8eefa9c435eff From: https://www.navegador-update.com/download.php https://t.co/E3y8exqGSG	2025.04.14
2	BleepingComputer @BleepinComputer Chrome 136 fixes 20-year browser history privacy risk - @billtoulas https://t.co/j4yUJlZxrD https://t.co/j4yUJlZxrD	2025.04.13
3	BleepingComputer @BleepinComputer These refurbished Lenovo Chromebooks are now $80 https://t.co/y0GQcYkpsO https://t.co/y0GQcYkpsO	2025.04.11

News

(Total : 12)

Total keyword

Chrome Google Malware Browser Windows target Phishing Report Campaign United States Attacker Exploit Update Criminal intelligence RCE Email Microsoft India Firefox Safari Victim Russia Android Kaspersky hijack Vulnerability 크롬 구글 Password Okta RATel MFA ChatGPT Education payment Router attack Software Government APT29 Advertising Instagram AsyncRAT WhatsApp Apple Facebook SideCopy arrest Smishing Iran Canada Australia China North Korea Telegram NetWireRC powershell Microsoft Edge EnvyScout Check Point GraphicalNeutrino VMware c&c IoC VirusTotal Distribution ...

No	Title	Date
1	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
2	IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 18h : 7 posts - IT Sicherheitsnews	2025.04.17
3	Advanced KQL Deep Dive: User State Change Tracking - Malware.News	2025.04.17
4	Webbrowser: Kritische Sicherheitslücke in Chrome abgedichtet - IT Sicherheitsnews	2025.04.17
5	Google dichtet kritische Sicherheitslücke in Chrome ab - IT Sicherheitsnews	2025.04.17

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 18h : 7 posts - IT Sicherheitsnews	2025.04.17
2	Advanced KQL Deep Dive: User State Change Tracking - Malware.News	2025.04.17
3	Advanced KQL Deep Dive: User State Change Tracking - Malware.News	2025.04.17
4	Webbrowser: Kritische Sicherheitslücke in Chrome abgedichtet - IT Sicherheitsnews	2025.04.17
5	Google dichtet kritische Sicherheitslücke in Chrome ab - IT Sicherheitsnews	2025.04.17
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	remcos_a.exe Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Malicious Packer UPX Create Service Socket Escalate priviledges PWS Sniff Audio DNS Interne	e3aecc3188eac24edb8e34f5044b3a6a	58998	2025.04.14
2	pdf.ps1 Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library .NET framework(MSIL) Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Inte	642647cf863119977d7bd52e848e0cfe	58395	2025.03.31
3	kent.ps1 Client SW User Data Stealer Backdoor RemcosRAT Formbook browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library Confuser .NET Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Co	432719ce1459add67ebe4c01b47310f2	58059	2025.03.13
4	nyoilsafkjawd.exe Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Malicious Packer UPX Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio	0bea38a3f664f5c8d72ab74db022aacd	58045	2025.03.12
5	crossings.exe Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Malicious Packer UPX Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio	db59bfef32bc15d53bdf499dd1ae62c4	58044	2025.03.12
View only the last 5

Level	Description
danger	File has been identified by 66 AntiVirus engines on VirusTotal as malicious
danger	The process wscript.exe wrote an executable file to disk which it then attempted to execute
danger	Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
danger	Executed a process and injected code into it
warning	Disables Windows Security features
watch	Communicates with host for which no DNS query was performed
watch	Installs itself for autorun at Windows startup
watch	One or more non-whitelisted processes were created
watch	Potential code injection by writing to the memory of another process
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
watch	Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice	A process attempted to delay the analysis task.
notice	A process created a hidden window
notice	Checks whether any human activity is being performed by constantly checking whether the foreground window changed
notice	Creates a suspicious process
notice	Creates executable files on the filesystem
notice	Drops a binary and executes it
notice	Drops an executable to the user AppData folder
notice	One or more potentially interesting buffers were extracted
notice	Terminates another process
notice	Uses Windows utilities for basic Windows functionality
notice	Yara rule detected in process memory
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	Command line console output was observed
info	The executable contains unknown PE section names indicative of a packer (could be a false positive)

No data

No	URL	CC	ASN Co	Reporter	Date
1	http://104.161.23.254/ChromeSetup.exe chrome malformed	US	SSASN2	abus3reports	2024.05.23
2	http://94.156.6.89/chrome.apk apk android chrome	BG	NET1 Ltd.	anonymous	2023.09.29

Beta Service, If you select keyword, you can check detailed information.