Cyber Threat Trends

Summary: 2025/04/15 18:47

First reported date: 2012/01/05
Inquiry period : 2025/04/14 18:47 ~ 2025/04/15 18:47 (1 days), 5 search results

지난 7일 기간대비 -80% 낮은 트렌드를 보이고 있습니다.
지난 7일 기간대비 상승한 Top5 연관 키워드는 Use Facebook AI RealTime Crypto 입니다.
공격자 Anonymous 도 새롭게 확인됩니다.
기관 및 기업 Europe 도 새롭게 확인됩니다.
기타 legitlooking familiar filesharing service Pharma 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/15 Meta slurps up EU user data for AI training
    ㆍ 2025/04/15 ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
    ㆍ 2025/04/14 Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Email	5	▼ -4 (-80%)
2	Phishing	2	▼ -1 (-50%)
3	Report	2	▼ -1 (-50%)
4	Campaign	2	- 0 (0%)
5	attack	2	- 0 (0%)
6	Use	1	▲ 1 (100%)
7	Anonymous	1	▲ new
8	legitlooking	1	▲ new
9	familiar	1	▲ new
10	filesharing	1	▲ new
11	service	1	▲ new
12	Exploit	1	- 0 (0%)
13	Malware	1	▼ -3 (-300%)
14	Facebook	1	▲ 1 (100%)
15	Pharma	1	▲ new
16	Education	1	- 0 (0%)
17	Europe	1	▲ new
18	Operation	1	- 0 (0%)
19	AI	1	▲ 1 (100%)
20	Meta	1	▲ new
21	EU	1	▲ new
22	getshared	1	▲ new
23	Healthcare	1	▲ new
24	RealTime	1	▲ 1 (100%)
25	United States	1	▼ -2 (-200%)
26	Checks	1	▲ new
27	Validate	1	▲ new
28	Alleged	1	- 0 (0%)
29	US	1	- 0 (0%)
30	Crypto	1	▲ 1 (100%)
31	Database	1	▲ 1 (100%)
32	Leak	1	▲ 1 (100%)
33	Cryptocurrency	1	▲ 1 (100%)
34	Targets	1	▲ new
35	NetWireRC	1	▲ 1 (100%)
36	Campaigns	1	▲ new
37	RAT	1	▲ 1 (100%)
38	Trojan	1	▲ 1 (100%)
39	target	1	▼ -1 (-100%)
40	Victim	1	- 0 (0%)
41	ResolverRAT	1	▲ new
42	model	1	▲ 1 (100%)

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
NetWireRC		1 (33.3%)
RAT		1 (33.3%)
Trojan		1 (33.3%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
Anonymous		1 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Phishing		2 (40%)
Campaign		2 (40%)
Exploit		1 (20%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Europe		1 (33.3%)
United States		1 (33.3%)
US		1 (33.3%)

Threat info

Last 5

SNS

(Total : 2)

Total keyword

Email US United States Cryptocurrency attack Exploit

No	Title	Date
1	Kaspersky @kaspersky A legit-looking email. A familiar file-sharing service. A hidden trap. ‼️ Scammers are now exploiting #GetShared to slip malicious files past your defenses. Here’s how the attack works—and how to spot it before you click. ???? https://t.co/WmZAnfs20f #CyberSecurity https://t.co/40VDKtZguX	2025.04.15
2	Dark Web Informer - Cyber Threat Intelligence @DarkWebInformer ???????????? Alleged U.S. Crypto Database Leak – 18M+ Records A threat actor is allegedly selling a large U.S.-based cryptocurrency user database, sourced from multiple exchanges and platforms. ???? Total: 18M+ lines across 20+ services ???? Price: $10,000 ???? Fields: name, email, phone, https://	2025.04.14

News

(Total : 3)

Total keyword

Email Phishing Report Campaign Operation Europe Education Facebook Anonymous Malware attack target Trojan RAT NetWireRC Victim

No	Title	Date
1	Meta slurps up EU user data for AI training - Malware.News	2025.04.15
2	ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading - The Hacker News	2025.04.15
3	Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft - The Hacker News	2025.04.14

Additional information

No	Title	Date
1	Closing the Gap: How to Build a Consistent Exposure and Vulnerability Management Workflow - Malware.News	2025.04.15
2	Colleges and Schools Now Top Targets for Online Threat Actors - Malware.News	2025.04.15
3	Trump Revenge Tour Targets Cyber Leaders, Elections - Malware.News	2025.04.15
4	GenAI vulnerabilities fixed only 21% of the time after pentesting - Malware.News	2025.04.15
5	Meta slurps up EU user data for AI training - Malware.News	2025.04.15
View only the last 5

No	Title	Date
1	Can you get emotionally attached to AI tools such as ChatGPT and Grok? - Malware.News	2025.04.14
2	Can you get emotionally attached to AI tools such as ChatGPT and Grok? - Malware.News	2025.04.14
3	The Pall Mall Pact and why it matters - Malware.News	2025.04.12
4	The Pall Mall Pact and why it matters - Malware.News	2025.04.12
5	Cyberattack-concealing spam bombing examined - Malware.News	2025.04.11
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	111_2023-04-07_08-22.exe email stealer Downloader Malicious Library Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Code injection persistence KeyLogger AntiDebug AntiVM PE File PE32	b1c1243d05e33560bfbda42ce515db8f	54563	2024.10.09
2	download.ics email stealer DGA Http API ScreenShot Escalate priviledges PWS HTTP Internet API KeyLogger AntiDebug AntiVM	7be2232d72dff43cf090b194542cf229	51915	2024.07.23
3	xnnwljxxbbawjwlmac.exe email stealer Generic Malware Possible Infostealer Activity Downloader .NET framework(MSIL) Antivirus Socket Escalate priviledges PWS DNS Code injection Internet API persistence KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE	0c74bc9529b8d9f96fc7e1b47559abd1	48467	2024.02.13
4	conhost.exe Gen1 email stealer Downloader .NET framework(MSIL) UPX Malicious Packer Malicious Library Escalate priviledges PWS DNS Code injection persistence KeyLogger AntiDebug AntiVM PE32 PE File .NET EXE OS Processor Check DLL	d1ebfffb918cb931ae8e6ef5546b9efa	47762	2024.01.31
5	a.exe email stealer Downloader .NET framework(MSIL) Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Code injection persistence KeyLogger AntiDebug AntiVM PE File PE32 .NET EXE	248fdd80b574b1379fe4f6f1cee40091	46404	2023.11.07
View only the last 5

Level	Description
danger	File has been identified by 59 AntiVirus engines on VirusTotal as malicious
danger	Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
danger	Executed a process and injected code into it
watch	Allocates execute permission to another process indicative of possible code injection
watch	Attempts to remove evidence of file being downloaded from the Internet
watch	Communicates with host for which no DNS query was performed
watch	Potential code injection by writing to the memory of another process
watch	Resumed a suspended thread in a remote process potentially indicative of process injection
watch	Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice	Allocates read-write-execute memory (usually to unpack itself)
notice	One or more potentially interesting buffers were extracted
notice	Potentially malicious URLs were found in the process memory dump
notice	The binary likely contains encrypted or compressed data indicative of a packer
notice	Yara rule detected in process memory
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	This executable has a PDB path

No data

Beta Service, If you select keyword, you can check detailed information.