Cyber Threat Trends

Summary: 2025/04/19 12:29

First reported date: 2009/08/05
Inquiry period : 2025/04/12 12:29 ~ 2025/04/19 12:29 (7 days), 28 search results

전 기간대비 18% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Browser Malware Email Update Report 입니다.
악성코드 유형 RAT njRAT NetWireRC LockBit RedLine Raccoon Vidar 도 새롭게 확인됩니다.
공격기술 hijack 도 새롭게 확인됩니다.
기관 및 기업 CISA China Proofpoint United Kingdom Cisco Spain 도 새롭게 확인됩니다.
기타 WhatsApp Education risk privacy Sicherheitslücke 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/18 Dark Web Market: STYX Market
    ㆍ 2025/04/18 Care what you share
    ㆍ 2025/04/17 Hi, robot: Half of all internet traffic now automated

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Browser	28	▲ 5 (18%)
2	Malware	13	▲ 3 (23%)
3	Email	10	▲ 5 (50%)
4	Update	9	▲ 1 (11%)
5	Report	8	▲ 3 (38%)
6	target	7	- 0 (0%)
7	RCE	7	▲ 6 (86%)
8	Google	7	▲ 2 (29%)
9	Chrome	6	- 0 (0%)
10	attack	6	▲ 3 (50%)
11	Campaign	6	- 0 (0%)
12	Exploit	5	▼ -1 (-20%)
13	Phishing	5	▲ 1 (20%)
14	Software	5	- 0 (0%)
15	Password	4	▲ 2 (50%)
16	Microsoft	4	▼ -3 (-75%)
17	Windows	4	▼ -3 (-75%)
18	United States	4	- 0 (0%)
19	Stealer	3	- 0 (0%)
20	Cryptocurrency	3	▲ 1 (33%)
21	account	3	▲ 2 (67%)
22	GameoverP2P	3	▲ 2 (67%)
23	WhatsApp	3	▲ new
24	Vulnerability	3	- 0 (0%)
25	Advertising	3	▼ -4 (-133%)
26	GitHub	3	▲ 1 (33%)
27	intelligence	3	▲ 2 (67%)
28	Kaspersky	3	▲ 1 (33%)
29	Education	3	▲ new
30	MFA	3	▲ 1 (33%)
31	Criminal	3	- 0 (0%)
32	Russia	3	▲ 1 (33%)
33	Victim	3	▲ 1 (33%)
34	risk	2	▲ new
35	ChatGPT	2	▲ 1 (50%)
36	privacy	2	▲ new
37	Operation	2	- 0 (0%)
38	Sicherheitslücke	2	▲ new
39	Safari	2	▲ 1 (50%)
40	IoC	2	▼ -1 (-50%)
41	Kritische	2	▲ new
42	hijack	2	▲ new
43	c&c	2	▼ -2 (-100%)
44	Apple	2	- 0 (0%)
45	protection	2	▲ 1 (50%)
46	RAT	2	▲ new
47	threat	2	▲ 1 (50%)
48	Ransomware	2	- 0 (0%)
49	Trojan	2	▼ -1 (-50%)
50	enterprise	2	▲ new
51	Social Engineering	2	▲ 1 (50%)
52	powershell	2	▼ -3 (-150%)
53	payment	2	- 0 (0%)
54	VPN	2	▲ 1 (50%)
55	last	1	▲ new
56	Android	1	▼ -1 (-100%)
57	Smishing	1	- 0 (0%)
58	Cofense	1	▲ new
59	Zusammenfassung	1	- 0 (0%)
60	address	1	▲ new
61	legitimate	1	▲ new
62	UNKRemoteRogue	1	▲ new
63	taegliche	1	- 0 (0%)
64	Sicherheitsnews	1	- 0 (0%)
65	sense	1	▲ new
66	compromised	1	▲ new
67	access	1	- 0 (0%)
68	Dec	1	▲ new
69	njRAT	1	▲ new
70	information	1	▲ new
71	NetWireRC	1	▲ new
72	own	1	▲ new
73	Figure	1	- 0 (0%)
74	Takedown	1	▼ -1 (-100%)
75	Webbrowser	1	▲ new
76	CISA	1	▲ new
77	China	1	▲ new
78	Proofpoint	1	▲ new
79	dlp	1	▲ new
80	infosec	1	▲ new
81	insiderrisk	1	▲ new
82	United Kingdom	1	▲ new
83	Cisco	1	▲ new
84	datalossprevention	1	▲ new
85	LockBit	1	▲ new
86	Spain	1	▲ new
87	RedLine	1	▲ new
88	Raccoon	1	▲ new
89	Vidar	1	▲ new
90	Telegram	1	▼ -1 (-100%)
91	Lumma	1	- 0 (0%)
92	DarkWeb	1	▲ new
93	RSA Conference	1	▲ new
94	DDoS	1	- 0 (0%)
95	humancentric	1	▲ new
96	human	1	▲ new
97	abgedichtet	1	▲ new
98	Firefox	1	▼ -2 (-200%)
99	Kali	1	▲ new
100	Router	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
GameoverP2P		3 (17.6%)
RAT		2 (11.8%)
Ransomware		2 (11.8%)
Trojan		2 (11.8%)
njRAT		1 (5.9%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
RCE		7 (21.9%)
Campaign		6 (18.8%)
Exploit		5 (15.6%)
Phishing		5 (15.6%)
Stealer		3 (9.4%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Google		7 (21.2%)
Microsoft		4 (12.1%)
United States		4 (12.1%)
Kaspersky		3 (9.1%)
Russia		3 (9.1%)

Threat info

Last 5

SNS

(Total : 10)

Total keyword

Browser Email target WhatsApp plugin Tor Update Chrome Russia Campaign powershell Kaspersky dlp Proofpoint Malware Symantec RAT attack India Stealer IoC Safari MacOS

No	Title	Date
1	Proofpoint @proofpoint Proofpoint human-centric information protection delivers proactive #datalossprevention and #insiderrisk management across all the modern channels people work—email, endpoint, cloud and browsers. Learn more at https://t.co/I7L48yJ9Zr. #infosec #DLP	2025.04.18
2	Threat Insight @threatinsight UNK_RemoteRogue (Russia): In Dec 2024, a targeted campaign used compromised infrastructure to send emails to people linked to a defense industry manufacturer. The emails contained directions in Russian to copy malicious PowerShell code from the browser to their terminal. https://t.co/8c7S1wTplG	2025.04.17
3	Microsoft Threat Intelligence @MsftSecIntel @sherrod_im However, the QR code is used by WhatsApp to connect an account to a linked device and/or the WhatsApp Web portal. If the target follows the instructions on the page, the threat actor could gain access to messages in their WhatsApp account & exfiltrate data using browser plugins.	2025.04.16
4	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ????Tor Browser 14.5 has been released! Update!???? https://t.co/eKBLwkcgFp	2025.04.16
5	Yogesh Londhe @suyog41 Banshee Stealer Safari_Browser_2.45.dmg 1d96e46f60f297e1e520af4ec7d0e895 olaiokejk-oikeja 37127f6ea5453f025b1727f565107545 #Banshee #Stealer #MAC #IOC https://t.co/rphCN7rNsh	2025.04.15

News

(Total : 18)

Total keyword

Browser Malware Report Update RCE Email Google target Campaign attack Phishing Chrome Software Exploit United States Windows Password Attacker Microsoft GameoverP2P Vulnerability Education intelligence MFA Advertising Victim Criminal GitHub Cryptocurrency VPN Stealer Russia Apple c&c Kaspersky hijack ChatGPT Operation Social Engineering Ransomware WhatsApp Trojan payment Lumma njRAT NetWireRC RAT DarkWeb Kali Router Firefox Cisco United Kingdom China RSA Conference LockBit CISA Spain DDoS VirusTotal Telegram Safari Okta RATel RedLine Raccoon Vidar Malvertising ...

No	Title	Date
1	Dark Web Market: STYX Market - Malware.News	2025.04.18
2	Care what you share - Malware.News	2025.04.18
3	Hi, robot: Half of all internet traffic now automated - Malware.News	2025.04.17
4	IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 18h : 7 posts - IT Sicherheitsnews	2025.04.17
5	Exploiting SMS: Threat Actors Use Social Engineering to Target Companies - Malware.News	2025.04.17

Additional information

No	Title	Date
1	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
2	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
5	Text scams grow to steal hundreds of millions of dollars - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	Dark Web Market: STYX Market - Malware.News	2025.04.18
2	Dark Web Market: STYX Market - Malware.News	2025.04.18
3	Care what you share - Malware.News	2025.04.18
4	Care what you share - Malware.News	2025.04.18
5	Care what you share - Malware.News	2025.04.18
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	1 Podgląd wpisu po zmianie _ C... Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection BitCoin Internet API persistenc	0b0afec69e7d62568ab3bfdadc92c631	59177	2025.04.18
2	1 Podgląd wpisu po zmianie _ C... Client SW User Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Create Service Socket DGA Http API ScreenShot Escalate priviledges Steal credential PWS Sniff Audio HTTP DNS Code injection BitCoin Internet API persistenc	0b0afec69e7d62568ab3bfdadc92c631	59174	2025.04.18
3	remcos_a.exe Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Malicious Packer UPX Create Service Socket Escalate priviledges PWS Sniff Audio DNS Interne	e3aecc3188eac24edb8e34f5044b3a6a	58998	2025.04.14
4	pdf.ps1 Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library .NET framework(MSIL) Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Inte	642647cf863119977d7bd52e848e0cfe	58395	2025.03.31
5	kent.ps1 Client SW User Data Stealer Backdoor RemcosRAT Formbook browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library Confuser .NET Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Co	432719ce1459add67ebe4c01b47310f2	58059	2025.03.13
View only the last 5

Level	Description
watch	Found URLs in memory pointing to an IP address rather than a domain (potentially indicative of Command & Control traffic)
watch	One or more non-whitelisted processes were created
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	An application raised an exception which may be indicative of an exploit crash
notice	Potentially malicious URLs were found in the process memory dump
notice	Steals private information from local Internet browsers
notice	Terminates another process
notice	Yara rule detected in process memory
info	Checks if process is being debugged by a debugger
info	One or more processes crashed
info	Tries to locate where the browsers are installed

No data

Beta Service, If you select keyword, you can check detailed information.