Cyber Threat Trends

Summary: 2025/04/19 12:14

First reported date: 2013/05/20
Inquiry period : 2025/04/12 12:14 ~ 2025/04/19 12:14 (7 days), 12 search results

전 기간대비 50% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 Fake Campaign target Microsoft 입니다.
악성코드 유형 NetWireRC SectopRAT RAT 도 새롭게 확인됩니다.
공격기술 Phishing hijack Smishing ClickFix RCE Hijacking 도 새롭게 확인됩니다.
기관 및 기업 United States Binance North Korea Japan dprk South Korea China 도 새롭게 확인됩니다.
기타 Crypto Follow exchange amp payment 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
ㆍ 2025/04/16 “Follow me” to this fake crypto exchange to claim $500
ㆍ 2025/04/16 “Follow me” to this fake crypto exchange to claim $500

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Fake	12	▲ 6 (50%)
2	Campaign	4	▲ 3 (75%)
3	Malware	3	▼ -1 (-33%)
4	Phishing	3	▲ new
5	Crypto	3	▲ new
6	target	3	▲ 1 (33%)
7	Follow	2	▲ new
8	NetWireRC	2	▲ new
9	exchange	2	▲ new
10	Microsoft	2	▲ 1 (50%)
11	United States	2	▲ new
12	hijack	2	▲ new
13	amp	2	▲ new
14	payment	2	▲ new
15	Alert	2	▲ new
16	Criminal	1	- 0 (0%)
17	Python	1	- 0 (0%)
18	Smishing	1	▲ new
19	Texts	1	▲ new
20	EZPass	1	▲ new
21	lucky	1	▲ new
22	AI	1	▲ new
23	tool	1	▲ new
24	Gamma	1	▲ new
25	Binance	1	▲ new
26	Report	1	▲ new
27	ClickFix	1	▲ new
28	toll	1	▲ new
29	SectopRAT	1	▲ new
30	WhatsApp	1	▲ new
31	Browser	1	▲ new
32	RCE	1	▲ new
33	Password	1	▲ new
34	powershell	1	▲ new
35	NodejsPowered	1	▲ new
36	sponsored	1	▲ new
37	Thousands	1	▲ new
38	reward	1	▲ new
39	account	1	- 0 (0%)
40	itworker	1	▲ new
41	devs	1	▲ new
42	attack	1	▼ -1 (-100%)
43	cti	1	▲ new
44	North	1	▲ new
45	Korean	1	▲ new
46	Workers	1	▲ new
47	North Korea	1	▲ new
48	Software	1	▲ new
49	KIChatbots	1	▲ new
50	und	1	▲ new
51	füttert	1	▲ new
52	Russland	1	▲ new
53	realtime	1	▲ new
54	highvalue	1	▲ new
55	login	1	▲ new
56	Email	1	▲ new
57	pastehijacking	1	▲ new
58	Japan	1	▲ new
59	United	1	▲ new
60	IRS	1	▲ new
61	FQDNs	1	▲ new
62	Hijacking	1	▲ new
63	Russia	1	- 0 (0%)
64	Kaspersky	1	- 0 (0%)
65	ThreatProtection	1	▲ new
66	cybercrime	1	▲ new
67	spyware	1	▲ new
68	MissAV	1	▲ new
69	SpyNote	1	▲ new
70	RAT	1	▲ new
71	dprk	1	▲ new
72	South Korea	1	▲ new
73	China	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
NetWireRC		2 (50%)
SectopRAT		1 (25%)
RAT		1 (25%)

Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Campaign		4 (30.8%)
Phishing		3 (23.1%)
hijack		2 (15.4%)
Smishing		1 (7.7%)
ClickFix		1 (7.7%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Microsoft		2 (16.7%)
United States		2 (16.7%)
Binance		1 (8.3%)
North Korea		1 (8.3%)
Japan		1 (8.3%)

Threat info

Last 5

SNS

(Total : 9)

Total keyword

Campaign target Phishing Malware Microsoft payment United States hijack NetWireRC Japan powershell SectopRAT ClickFix Binance Smishing RAT South Korea North Korea Email attack dprk Hijacking Russia Kaspersky spyware China

No	Title	Date
1	The Hacker News @TheHackersNews ⚠️ Alert: Fake E-ZPass Texts Target Drivers in 8 U.S. States A widespread smishing scam is tricking drivers into fake toll payments to steal card info. ???? Linked to China-based Smishing Triad ???? Phishing kits sold by CS student Wang Duo Yu ???? Used in 121+ countries ???? Full https://t.co/es	2025.04.18
2	The Hacker News @TheHackersNews ???? Microsoft Alert: Node.js-Powered Malware Campaign Ongoing... Since Oct 2024, fake Binance & TradingView installers have been used to deploy malware via Node.js and PowerShell. Linked threats include ClickFix tricks, SectopRAT malware, fake PDF tools, and HR-themed phishing https://t.co/0J	2025.04.17
3	BleepingComputer @BleepinComputer ????Thousands tricked by fake reward & toll scam texts. CTM360 exposes PointyPhish & TollShark—SMS phishing campaigns powered by the Darcula PhaaS, with 5K+ domains stealing payment info worldwide. ???? Learn more from @teamCTM360: https://t.co/cn1PydSNPX #cybersecurity #sponsored	2025.04.17
4	The Hacker News @TheHackersNews ⚠️ Hackers are abusing AI tool Gamma to craft fake presentations that lead you to spoofed Microsoft SharePoint logins—and even fake CAPTCHA pages to dodge security scans. ????Details: https://t.co/AO4Q5KKYW5	2025.04.16
5	Threat Intelligence @threatintel #ThreatProtection SpyNote RAT masquerades as a fake MissAV APK, targeting mobile users in Japan, South Korea, and beyond. Hosted on a malicious domain created after the main MissAV site was seized. https://t.co/o0V6rnx5s0 #Cybersecurity #Cybercrime #Spyware	2025.04.15

News

(Total : 3)

Total keyword

Software Campaign Password RCE Browser WhatsApp Criminal Report Malware

No	Title	Date
1	“Follow me” to this fake crypto exchange to claim $500 - Malware.News	2025.04.16
2	“Follow me” to this fake crypto exchange to claim $500 - Malwarebytes Labs	2025.04.16
3	Perfides LLM-Grooming: So füttert Russland KI-Chatbots mit Fake News – und keiner merkt es - IT Sicherheitsnews	2025.04.13

Additional information

No	Title	Date
1	Tesla to Delay Production of Cheaper EVs, Reuters Reports - Bloomberg Technology	2025.04.19
2	When Vulnerability Information Flows are Vulnerable Themselves - Malware.News	2025.04.19
3	CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in - Malware.News	2025.04.19
4	Radiology practice reportedly working with FBI after ‘data security incident’ - Malware.News	2025.04.19
5	Text scams grow to steal hundreds of millions of dollars - Malware.News	2025.04.19
View only the last 5

No	Title	Date
1	Threat Actors Exploit Fake CAPTCHAs and Cloudflare Turnstile to Distribute LegionLoader - Malware.News	2025.04.07
2	Why we’re no longer doing April Fools’ Day - Malware.News	2025.03.31
3	Malware distributed via fake DeepSeek ads on Google - Malware.News	2025.03.28
4	Threat Actors Use Fake Booking.com Emails to Deceive Hotel Staff and Gain System Access - Malware.News	2025.03.27
5	DeepSeek users targeted with fake sponsored Google ads that deliver malware - Malware.News	2025.03.26
View only the last 5

No data

No	URL	CC	ASN Co	Reporter	Date
1	http://romainthomas.fr/post/android-crackme/crackme-telegram.apk apk Fake telegram	FR	OVH SAS	abus3reports	2024.11.03
2	https://electrum-dash.org/download/electrum-dash-4.1.7.5.exe exe Fake infostealer	GB		ninjacatcher	2024.10.07
3	https://electrum-dash.org/download/electrum-dash-4.1.7.5-x86_64.AppImage exe Fake infostealer	GB		ninjacatcher	2024.10.07
4	https://electrum-dash.org/download/electrum-dash-4.1.7.5.dmg exe Fake infostealer	GB		ninjacatcher	2024.10.07
5	https://adobeacrobat.help/AdobeUpdate.pdf Fake PDF RemoteAdmin			kddx0178318	2024.09.16
View only the last 5

Beta Service, If you select keyword, you can check detailed information.