Summary: 2025/04/19 11:15

First reported date: 2011/03/24
Inquiry period : 2025/04/12 11:15 ~ 2025/04/19 11:15 (7 days), 29 search results

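The trend is 14% higher than in the previous period.
The Top 5 related keywords that rose compared to the previous period are
IoC, Victim, c&c, Report, Windows.
Malware types XWorm, TONESHELL, AsyncRAT are also newly identified.
Attacker Tick is also newly identified.
Attack techniques Backdoor, Social Engineering are also newly identified.
Organizations and companies Canada, United Kingdom, Ucraina, Zscaler, Australia, Taiwan, Japan, Check Point are also newly identified.
Other new keywords such as MUSTANG PANDA, keylogger, ZeroDay, UNIX, VMware are also identified.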

 * Top 3 recent news articles:
    ㆍ 2025/04/18 Sintesi riepilogativa delle campagne malevole nella settimana del 12 – 18 aprile
    ㆍ 2025/04/18 Inside Black Basta: Ransomware Resilience and Evolution After the Leak
    ㆍ 2025/04/17 Seamlessly Integrate ANY.RUN’s Services into Your Infrastructure via SDK

Related keyword cloud
Top 100

# | Trend | Count | Comparison
1 | IoC | 29 | ▲ 4 (14%)
2 | Malware | 15 | - 0 (0%)
3 | Phishing | 10 | ▼ -1 (-10%)
4 | Victim | 9 | ▲ 3 (33%)
5 | c&c | 9 | ▲ 3 (33%)
6 | Report | 8 | ▲ 1 (13%)
7 | Update | 8 | ▼ -1 (-13%)
8 | Windows | 8 | ▲ 2 (25%)
9 | Microsoft | 7 | ▲ 2 (29%)
10 | United States | 7 | ▲ 1 (14%)
11 | Campaign | 7 | ▼ -7 (-100%)
12 | GitHub | 6 | ▲ 3 (50%)
13 | Cobalt Strike | 6 | ▲ 5 (83%)
14 | Stealer | 6 | - 0 (0%)
15 | Exploit | 6 | ▲ 3 (50%)
16 | Linux | 6 | ▲ 4 (67%)
17 | target | 6 | ▲ 1 (17%)
18 | Vulnerability | 5 | ▲ 3 (60%)
19 | NetWireRC | 5 | ▲ 2 (40%)
20 | intelligence | 5 | ▲ 1 (20%)
21 | Advertising | 5 | ▼ -3 (-60%)
22 | China | 5 | ▲ 2 (40%)
23 | Email | 5 | - 0 (0%)
24 | attack | 5 | ▼ -3 (-60%)
25 | iocs | 4 | ▲ 3 (75%)
26 | Government | 4 | ▲ 2 (50%)
27 | Backdoor | 4 | ▲ new
28 | Kaspersky | 4 | ▲ 2 (50%)
29 | GameoverP2P | 4 | ▲ 1 (25%)
30 | VBScript | 3 | ▲ 1 (33%)
31 | RAT | 3 | ▲ 1 (33%)
32 | Android | 3 | ▲ 1 (33%)
33 | EDR | 3 | ▲ 2 (67%)
34 | powershell | 3 | ▼ -3 (-100%)
35 | Distribution | 3 | ▲ 1 (33%)
36 | Cisco | 3 | ▲ 2 (67%)
37 | Operation | 3 | - 0 (0%)
38 | Criminal | 3 | - 0 (0%)
39 | Russia | 3 | ▲ 1 (33%)
40 | Lumma | 3 | - 0 (0%)
41 | ANYRUN | 3 | ▲ 1 (33%)
42 | Social Engineering | 3 | ▲ new
43 | threat | 3 | ▲ 2 (67%)
44 | XWorm | 2 | ▲ new
45 | Canada | 2 | ▲ new
46 | Telegram | 2 | ▲ 1 (50%)
47 | Browser | 2 | ▼ -1 (-50%)
48 | United Kingdom | 2 | ▲ new
49 | Ucraina | 2 | ▲ new
50 | MFA | 2 | - 0 (0%)
51 | RCE | 2 | ▼ -1 (-50%)
52 | TONESHELL | 2 | ▲ new
53 | Zscaler | 2 | ▲ new
54 | MUSTANG PANDA | 2 | ▲ new
55 | file | 2 | - 0 (0%)
56 | Trojan | 2 | ▼ -1 (-50%)
57 | keylogger | 2 | ▲ new
58 | ZeroDay | 2 | ▲ new
59 | AsyncRAT | 2 | ▲ new
60 | Tick | 2 | ▲ new
61 | Australia | 2 | ▲ new
62 | Taiwan | 2 | ▲ new
63 | Japan | 2 | ▲ new
64 | South Korea | 2 | ▲ 1 (50%)
65 | AMOS | 2 | ▲ 1 (50%)
66 | amosstealer | 2 | ▲ 1 (50%)
67 | MAC | 2 | ▲ 1 (50%)
68 | UNIX | 2 | ▲ new
69 | VirusTotal | 2 | ▲ 1 (50%)
70 | Check Point | 2 | ▲ new
71 | malevole | 2 | - 0 (0%)
72 | campagne | 2 | - 0 (0%)
73 | VMware | 2 | ▲ new
74 | India | 2 | ▲ 1 (50%)
75 | Education | 2 | ▼ -1 (-50%)
76 | Sintesi | 2 | - 0 (0%)
77 | Safari | 2 | ▲ new
78 | hijack | 2 | ▲ 1 (50%)
79 | Ransomware | 2 | - 0 (0%)
80 | TI | 2 | ▲ new
81 | Germany | 1 | ▲ new
82 | server | 1 | ▲ new
83 | UN | 1 | - 0 (0%)
84 | di | 1 | - 0 (0%)
85 | France | 1 | ▲ new
86 | Reports | 1 | ▲ new
87 | Explore | 1 | ▲ new
88 | MWNEWS | 1 | ▲ new
89 | DDoS | 1 | - 0 (0%)
90 | Software | 1 | ▼ -3 (-300%)
91 | StarProxy | 1 | ▲ new
92 | C2 | 1 | ▲ new
93 | list | 1 | ▲ new
94 | ttps | 1 | ▲ new
95 | Check | 1 | ▲ new
96 | Point | 1 | ▲ new
97 | Europe | 1 | ▲ new
98 | riepilogativa | 1 | ▼ -1 (-100%)
99 | delle | 1 | - 0 (0%)
100 | Variant | 1 | ▲ new

Special keyword group
Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword | Average
NetWireRC | 5 (17.2%)
GameoverP2P | 4 (13.8%)
RAT | 3 (10.3%)
Lumma | 3 (10.3%)
XWorm | 2 (6.9%)

Attacker & Actors

This is the status of the attackers or attack groups that are becoming an issue.

Keyword | Average
Tick | 2 (66.7%)
APT29 | 1 (33.3%)

Attack technique

This is an attack technique that is becoming an issue.

Keyword | Average
Phishing | 10 (23.3%)
Campaign | 7 (16.3%)
Stealer | 6 (14%)
Exploit | 6 (14%)
Backdoor | 4 (9.3%)

Country & Company

This is a country or company that is becoming an issue.

Keyword | Average
Microsoft | 7 (11.9%)
United States | 7 (11.9%)
China | 5 (8.5%)
Government | 4 (6.8%)
Kaspersky | 4 (6.8%)

Threat info
Last 5

SNS

(Total : 17)
  Total keyword

IoC Stealer Phishing iocs Malware Lumma intelligence NetWireRC Microsoft XWorm AsyncRAT GitHub Xloader Safari Browser Update Check Point ClickFix Cobalt Strike Report APT41 Windows Takedown target Linux Exploit Government Education Ransomware Operation LummaStealer attack RAT VBScript Email MacOS

No | Title | Date

1 | Cert AgID @AgidCert | 2025.04.18
Summary of malicious campaigns in the week of 12 – 18 April 2025 #IoC 767 #Malware 14 (families) #Phishing 15 (brands) ℹ️ Further details https://t.co/tHX7KWBqpq https://t.co/egf4ZDtRxt

2 | Yogesh Londhe @suyog41 | 2025.04.18
Amos Stealer New Variant ? Contains string "MacOS Stealer by mentalpositive" Installer_v.1.12.dmg f93be429a213f2ea8aef277862a8e8bf C2 gq8ruzk1h3a8.cfd #Amos #AmosStealer #Stealer #IOC https://t.co/SFMHluCtMG

3 | ANY.RUN @anyrun_app | 2025.04.18
Explore Threat Intelligence Reports from #ANYRUN. Discover detailed research on active cyber threats and APTs with actionable insights, #IOCs, & #TTPs. Enrich proactive security, report on #APT41 inside https://t.co/ZkhxJ3hf17

4 | MalwareHunterTeam @malwrhunterteam | 2025.04.18
If you look at the IoCs list of that Check Point article (published 15th this month), you can see these mentioned files. The "wine\.zip", one "ppcore.dll" and one "AppvIsvSubsystems64.dll" with their hashes were mentioned here (tweeted on March 13): https://t.co/pJUuAbrYTT. The https://t.co/fti6DEAo

5 | Threat Insight @threatinsight | 2025.04.17
These examples of state-sponsored actors using ClickFix show that threat actors share, copy, steal, adopt, and test tactics, techniques and procedures (TTPs) from publicly exposed tradecraft or interaction with other threat groups. See our blog for IOCs and @ET_Labs Rules.

Additional information

No | URL | Tags | Reporter | Date
1 | http://185.215.113.93/tdrpload.exe | exe GandCrab IOC Ransomware | Try0 | 2024.07.27
2 | http://185.215.113.93/r.exe | exe GandCrab IOC Ransomware | Try0 | 2024.07.27
3 | http://185.215.113.93/a.exe | exe GandCrab IOC Ransomware | Try0 | 2024.07.27
4 | http://185.215.113.93/t2.exe | exe GandCrab IOC Ransomware | Try0 | 2024.07.27
5 | http://185.215.113.93/s.exe | exe GandCrab IOC Ransomware | Try0 | 2024.07.27