Cyber Threat Trends

Summary: 2025/04/17 15:55

First reported date: 2008/06/10
Inquiry period : 2025/04/10 15:55 ~ 2025/04/17 15:55 (7 days), 150 search results

전 기간대비 -11% 낮은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Alert Malware target Windows Vulnerability 입니다.
공격기술 RCE 도 새롭게 확인됩니다.
기관 및 기업 United Kingdom Europe North Korea Ucraina Iran Deloitte 도 새롭게 확인됩니다.
기타 domain LYNX Kidney DaVita Linux 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 Interlock ransomware evolves tactics with ClickFix, infostealers
    ㆍ 2025/04/17 Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S
    ㆍ 2025/04/16 Threat Intelligence Snapshot: Week 15, 2025

참고로 동일한 그룹의 악성코드 타입은 WannaCry Sodinokibi Phobos 등 78개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Ransomware	150	▼ -17 (-11%)
2	Victim	63	▼ -18 (-29%)
3	Alert	56	▲ 1 (2%)
4	Malware	35	▲ 2 (6%)
5	Report	28	- 0 (0%)
6	attack	27	▼ -5 (-19%)
7	United States	20	▼ -2 (-10%)
8	target	19	▲ 8 (42%)
9	DarkWeb	15	▼ -12 (-80%)
10	Group	15	▼ -9 (-60%)
11	Exploit	15	▼ -3 (-20%)
12	Update	14	▼ -8 (-57%)
13	Campaign	13	▼ -1 (-8%)
14	Windows	13	▲ 5 (38%)
15	Vulnerability	13	▲ 3 (23%)
16	MWNEWS	11	▲ 5 (45%)
17	Phishing	10	▲ 2 (20%)
18	RCE	10	▲ new
19	Akira	10	▲ 2 (20%)
20	Government	9	▲ 5 (56%)
21	United Kingdom	8	▲ new
22	Advertising	8	▲ 1 (13%)
23	China	8	▲ 1 (13%)
24	Microsoft	8	▼ -3 (-38%)
25	threat	8	▲ 4 (50%)
26	Criminal	8	▼ -4 (-50%)
27	INC	8	▲ 5 (63%)
28	Operation	7	▼ -3 (-43%)
29	Software	7	▼ -3 (-43%)
30	ZeroDay	7	▼ -2 (-29%)
31	hacking	7	▼ -1 (-14%)
32	Education	6	- 0 (0%)
33	intelligence	6	- 0 (0%)
34	LockBit	6	▼ -1 (-17%)
35	domain	6	▲ new
36	Email	5	▼ -3 (-60%)
37	LYNX	5	▲ new
38	Ransom	5	▲ 1 (20%)
39	ThreatProtection	4	▲ 1 (25%)
40	Kaspersky	4	▼ -3 (-75%)
41	Password	4	▲ 3 (75%)
42	critical	4	▲ 3 (75%)
43	amp	4	▼ -2 (-50%)
44	PLAY	4	▼ -1 (-25%)
45	Europe	4	▲ new
46	South Korea	4	▲ 2 (50%)
47	Android	4	▲ 3 (75%)
48	gang	4	▲ 3 (75%)
49	Russia	4	▲ 1 (25%)
50	dragonforce	4	▲ 1 (25%)
51	Canada	3	▲ 2 (67%)
52	공격	3	- 0 (0%)
53	LinkedIn	3	▲ 1 (33%)
54	Kidney	3	▲ new
55	Qilin	3	▼ -4 (-133%)
56	April	3	▼ -4 (-133%)
57	Distribution	3	▼ -1 (-33%)
58	IoC	3	▲ 1 (33%)
59	North Korea	3	▲ new
60	Taiwan	3	▲ 2 (67%)
61	DaVita	3	▲ new
62	Germany	3	▲ 2 (67%)
63	Black Basta	3	▼ -1 (-33%)
64	NortonLifeLock	3	- 0 (0%)
65	Clop	3	▼ -2 (-67%)
66	dark	3	▼ -1 (-33%)
67	Linux	3	▲ new
68	Interlock	3	- 0 (0%)
69	RaaS	2	▲ 1 (50%)
70	Deface	2	▼ -2 (-100%)
71	Stealer	2	- 0 (0%)
72	Ucraina	2	▲ new
73	Iran	2	▲ new
74	CISA	2	▼ -3 (-150%)
75	Telegram	2	▲ 1 (50%)
76	Spain	2	- 0 (0%)
77	AhnLab	2	▲ 1 (50%)
78	Social Engineering	2	▼ -1 (-50%)
79	Australia	2	▲ 1 (50%)
80	Record	2	- 0 (0%)
81	conference	2	▲ new
82	Takedown	2	- 0 (0%)
83	Supply chain	2	- 0 (0%)
84	entire	2	- 0 (0%)
85	Deloitte	2	▲ new
86	Google	2	▼ -1 (-50%)
87	March	2	- 0 (0%)
88	Medusa	2	▼ -2 (-100%)
89	SAFEPAY	2	▲ 1 (50%)
90	Zero Trust	2	▲ 1 (50%)
91	Engineering	2	▲ new
92	RATel	2	▼ -2 (-100%)
93	breach	2	▼ -2 (-100%)
94	Hertz	2	▲ new
95	Review	2	▲ 1 (50%)
96	Blog	2	▲ 1 (50%)
97	Nach	2	▲ new
98	ITUnternehmen	2	▲ new
99	Lübecker	2	▲ new
100	Basta	2	▲ 1 (50%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		150 (82.9%)
Akira		10 (5.5%)
LockBit		6 (3.3%)
Black Basta		3 (1.7%)
Clop		3 (1.7%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		15 (24.6%)
Campaign		13 (21.3%)
Phishing		10 (16.4%)
RCE		10 (16.4%)
hacking		7 (11.5%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
United States		20 (20.2%)
Government		9 (9.1%)
United Kingdom		8 (8.1%)
China		8 (8.1%)
Microsoft		8 (8.1%)

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 106)

Total keyword

Ransomware Victim DarkWeb Akira United States attack Report target Exploit LockBit RCE Windows Government Malware Canada Criminal Education Update India Distribution Germany Rhysida Europe Rhysida Ransomware Operation Attacker Data Center Mexico Linux Takedown ...

No	Title	Date
1	FalconFeeds.io @FalconFeedsio ???? SAFEPAY Ransomware Alert ???? SAFEPAY Ransomware has added 12 new victims to their dark web portal. Stadt Heilbronn ???????? Kellermann & Engelhardt ITEC GmbH ???????? Heinrich + Steinhardt GmbH ???????? Helix Tool ???????? Hurst + Schröder GmbH ???????? Extreme Fire Solutions ???????? FR	2025.04.17
2	FalconFeeds.io @FalconFeedsio DragonForce Ransomware Alert ???? DragonForce Ransomware has added 2 new victims to their dark web portal. - City of Grove ???????? - Iris ID Systems Inc ???????? https://t.co/6oNwEntZcH	2025.04.17
3	FalconFeeds.io @FalconFeedsio ???? MEDUDA Ransomware Alert ???? Lithium Americas Corp. ???????? ???? Lithium Americas Corp. engages in the exploration and development of lithium properties in the United States and Canada, has fallen victim to MEDUSA ransomware. ???? Key Details: ???? Threat Actor: MEDUSA ????Published date ht	2025.04.17
4	FalconFeeds.io @FalconFeedsio ???? Ransomware Alert: A-1 Freeman Moving Group(a-1 https://t.co/AOFnRsiknk), a leading U.S. provider of comprehensive moving, relocation, logistics, warehousing, and transportation services for individuals, businesses, governments, and military clients nationwide, based in USA, https://t.co/YtW95F	2025.04.16
5	FalconFeeds.io @FalconFeedsio ???? Ransomware Alert ???? Setpoint Systems Corporation ???????? ???? Setpoint Systems Corporation is a lean automation integration firm providing engineering, design, build, and controls experts for turn key custom automated solutions using the Toyota Production System (TPS) methodology https://t	2025.04.16

News

(Total : 44)

Total keyword

Ransomware Malware Report attack Vulnerability Campaign Update United States target Windows Attacker Phishing Victim Exploit Microsoft China ZeroDay Software United Kingdom Advertising hacking Email RCE Operation Government intelligence Criminal Kaspersky Russia Android LinkedIn South Korea North Korea Education Password Clop Social Engineering CISA RATel Ucraina Taiwan Deloitte Zero Trust WhatsApp Europe Linux arrest conference Iran Stealer Deface Black Basta RaaS Google c&c IoC Police DYEPACK Cisco Cryptocurrency QakBot Cyber Kill Chain Distribution ESET 교육 ...

No	Title	Date
1	Interlock ransomware evolves tactics with ClickFix, infostealers - Malware.News	2025.04.17
2	Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S - Malware.News	2025.04.17
3	Threat Intelligence Snapshot: Week 15, 2025 - Malware.News	2025.04.16
4	Cyber Signals Issue 9 \| AI-powered deception: Emerging fraud threats and countermeasures - Malware.News	2025.04.16
5	Streamlining detection engineering in security operation centers - Malware.News	2025.04.16

Additional information

No	Title	Date
1	엔디비아 'AI 심장부' GPU에 보안 구멍.. '즉시 패치' 비상 - 시큐리티팩트	2025.04.17
2	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
3	Zoom Sees Outage With 50,000 Users Reporting Availability Issues - Bloomberg Technology	2025.04.17
4	Nude photos and names: KU Health and Kansas hospital sued for data breach - Malware.News	2025.04.17
5	DeepSeek Poses ‘Profound’ Security Threat, US House Panel Claims - Bloomberg Technology	2025.04.17
View only the last 5

No	Title	Date
1	Wars without Gun Smoke: China Plays the Cyber Name-and-Shame Game on Taiwan and the U.S - Malware.News	2025.04.17
2	Threat Intelligence Snapshot: Week 15, 2025 - Malware.News	2025.04.16
3	Cyber Signals Issue 9 \| AI-powered deception: Emerging fraud threats and countermeasures - Malware.News	2025.04.16
4	Cyber Signals Issue 9 \| AI-powered deception: Emerging fraud threats and countermeasures - Malware.News	2025.04.16
5	Cyber Signals Issue 9 \| AI-powered deception: Emerging fraud threats and countermeasures - Malware.News	2025.04.16
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	hello.exe Ransomware Malicious Library .NET EXE PE32 PE File	69d1c11ae24884ea55ab39787853ad0c	55331	2024.11.13

Level	Description
danger	File has been identified by 58 AntiVirus engines on VirusTotal as malicious
notice	Allocates read-write-execute memory (usually to unpack itself)
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	Collects information to fingerprint the system (MachineGuid
info	The executable contains unknown PE section names indicative of a packer (could be a false positive)

No data

No	URL	CC	ASN Co	Reporter	Date
1	https://hilarious-trifle-d9182e.netlify.app/lootsubmit.ps1 fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
2	https://hilarious-trifle-d9182e.netlify.app/cwiper.exe fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
3	https://hilarious-trifle-d9182e.netlify.app/Pay fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
4	https://hilarious-trifle-d9182e.netlify.app/stage1.ps1 fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
5	https://hilarious-trifle-d9182e.netlify.app/Pay%20Adjustment.zip fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
View only the last 5

Beta Service, If you select keyword, you can check detailed information.