Summary: 2025/04/17 15:55
First reported date: 2010/06/28
Inquiry period : 2025/04/10 15:55 ~ 2025/04/17 15:55 (7 days), 3 search results
전 기간대비 -100% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 target Software Update Victim Java 입니다.
악성코드 유형 Vawtrak GameoverP2P 도 새롭게 확인됩니다.
공격기술 RCE hijack Hijacking 도 새롭게 확인됩니다.
기관 및 기업 Microsoft Government Kaspersky Russia 도 새롭게 확인됩니다.
기타 Cryptocurrency package source AnyDesk Supply chain 등 신규 키워드도 확인됩니다.
* 최근 뉴스기사 Top3:
ㆍ 2025/04/10 Atomic and Exodus crypto wallets targeted in malicious npm campaign
ㆍ 2025/04/10 Atomic and Exodus crypto wallets targeted in malicious npm campaign
ㆍ 2025/04/10 GOFFEE continues to attack organizations in Russia
Trend graph by period
Related keyword cloud
Top 100| # | Trend | Count | Comparison |
|---|---|---|---|
| 1 | target | 3 | ▲ 1 (33%) |
| 2 | Microsoft | 3 | ▲ new |
| 3 | Software | 3 | ▲ 1 (33%) |
| 4 | RCE | 3 | ▲ new |
| 5 | Downloader | 3 | ▼ -3 (-100%) |
| 6 | Campaign | 3 | - 0 (0%) |
| 7 | Update | 3 | ▲ 2 (67%) |
| 8 | Victim | 3 | ▲ 2 (67%) |
| 9 | Cryptocurrency | 2 | ▲ new |
| 10 | Java | 2 | ▲ 1 (50%) |
| 11 | Criminal | 2 | - 0 (0%) |
| 12 | hijack | 2 | ▲ new |
| 13 | Hijacking | 2 | ▲ new |
| 14 | Malware | 2 | - 0 (0%) |
| 15 | malicious | 2 | ▲ 1 (50%) |
| 16 | attack | 2 | ▲ 1 (50%) |
| 17 | package | 2 | ▲ new |
| 18 | IoC | 2 | ▲ 1 (50%) |
| 19 | Report | 2 | - 0 (0%) |
| 20 | source | 1 | ▲ new |
| 21 | Trojan | 1 | - 0 (0%) |
| 22 | AnyDesk | 1 | ▲ new |
| 23 | Supply chain | 1 | ▲ new |
| 24 | Operation | 1 | ▲ new |
| 25 | file | 1 | - 0 (0%) |
| 26 | open | 1 | ▲ new |
| 27 | Advertising | 1 | - 0 (0%) |
| 28 | Government | 1 | ▲ new |
| 29 | 1 | ▲ new | |
| 30 | Kaspersky | 1 | ▲ new |
| 31 | Windows | 1 | - 0 (0%) |
| 32 | Vawtrak | 1 | ▲ new |
| 33 | GameoverP2P | 1 | ▲ new |
| 34 | SMB | 1 | ▲ new |
| 35 | Distribution | 1 | - 0 (0%) |
| 36 | powershell | 1 | - 0 (0%) |
| 37 | VBScript | 1 | ▲ new |
| 38 | c&c | 1 | ▼ -2 (-200%) |
| 39 | United States | 1 | - 0 (0%) |
| 40 | Russia | 1 | ▲ new |
| 41 | Phishing | 1 | - 0 (0%) |
| 42 | Atomic | 1 | ▲ new |
Special keyword group
Top 5
Malware Type
This is the type of malware that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| Trojan |
|
1 (33.3%) |
| Vawtrak |
|
1 (33.3%) |
| GameoverP2P |
|
1 (33.3%) |
Attacker & Actors
The status of the attacker or attack group being issued.
| Keyword | Average | Label |
|---|
Technique
This is an attack technique that is becoming an issue.
| Keyword | Average | Label |
|---|---|---|
| RCE |
|
3 (21.4%) |
| Downloader |
|
3 (21.4%) |
| Campaign |
|
3 (21.4%) |
| hijack |
|
2 (14.3%) |
| Hijacking |
|
2 (14.3%) |
Country & Company
This is a country or company that is an issue.
| Keyword | Average | Label |
|---|---|---|
| Microsoft |
|
3 (42.9%) |
| Government |
|
1 (14.3%) |
| Kaspersky |
|
1 (14.3%) |
| United States |
|
1 (14.3%) |
| Russia |
|
1 (14.3%) |
Threat info
Last 5SNS
(Total : 0)No data.
News
(Total : 3)target Microsoft Software RCE Downloader Campaign Update Victim Cryptocurrency Java Criminal hijack Hijacking Malware attack Attacker IoC Report Trojan AnyDesk Supply chain Operation Advertising Government Email Kaspersky Windows Vawtrak GameoverP2P SMB Distribution powershell VBScript c&c United States Russia Phishing
| No | Title | Date |
|---|---|---|
| 1 | Atomic and Exodus crypto wallets targeted in malicious npm campaign - Malware.News | 2025.04.10 |
| 2 | Atomic and Exodus crypto wallets targeted in malicious npm campaign - ReversingLabs Blog | 2025.04.10 |
| 3 | GOFFEE continues to attack organizations in Russia - Malware.News | 2025.04.10 |
Additional information
| No | Title | Date |
|---|---|---|
| 1 | 엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트 | 2025.04.17 |
| 2 | Hi, robot: Half of all internet traffic now automated - Malware.News | 2025.04.17 |
| 3 | Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology | 2025.04.17 |
| 4 | Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News | 2025.04.17 |
| 5 | DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology | 2025.04.17 |
| View only the last 5 | ||
| No | Title | Date |
|---|---|---|
| 1 | Atomic and Exodus crypto wallets targeted in malicious npm campaign - Malware.News | 2025.04.10 |
| 2 | Atomic and Exodus crypto wallets targeted in malicious npm campaign - ReversingLabs Blog | 2025.04.10 |
| 3 | GOFFEE continues to attack organizations in Russia - Malware.News | 2025.04.10 |
| 4 | GOFFEE continues to attack organizations in Russia - Malware.News | 2025.04.10 |
| 5 | 북한 해커 조직, 악성 npm 패키지 11개 추가 배포… 한국 개발자 공격 - 시큐리티팩트 | 2025.04.07 |
| View only the last 5 | ||
| Level | Description |
|---|---|
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Potentially malicious URLs were found in the process memory dump |
| notice | Uses Windows utilities for basic Windows functionality |
| notice | Yara rule detected in process memory |
| Network | SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) |
| No | URL | CC | ASN Co | Reporter | Date |
|---|---|---|---|---|---|
| 1 | http://147.124.216.113/image.exe DBatLoader downloader malware trojan VIPKeylogger | US  | AC-AS-1 | Joker | 2025.01.03 |
| 2 | https://hybrid-independently-eve-hint.trycloudflare.com/om.js downloader js obfuscated opendir webdav | DaveLikesMalwre | 2024.12.29 | ||
| 3 | http://37.120.234.31/Update-KB5005101.zip bat downloader Encoded opendir reverseshell | RO  | Secure Data Systems SRL | DaveLikesMalwre | 2024.12.10 |
| 4 | https://hoteltoscanaplaza.com.co/Index.txt downloader js | US | UNIFIEDLAYER-AS-1 | DaveLikesMalwre | 2024.11.03 |
| 5 | https://rartxt41.b-cdn.net/raril4.txt downloader Lumma ps1 ua-wget | US | DaveLikesMalwre | 2024.10.12 | |
| View only the last 5 | |||||