popup

Cyber Threat Trends

  1. Week Month

conference CrowdStrike 북한

Summary: 2025/04/17 10:26

First reported date: 2009/11/11
Inquiry period : 2025/04/16 10:26 ~ 2025/04/17 10:26 (1 days), 21 search results

지난 7일 기간대비 52% 높은 트렌드를 보이고 있습니다.
지난 7일 기간대비 상승한 Top5 연관 키워드는 Google Chrome Browser Android Advertising 입니다.
악성코드 유형 Clipbanker 도 새롭게 확인됩니다.
공격기술 Social Engineering 도 새롭게 확인됩니다.
기관 및 기업 Okta UK 도 새롭게 확인됩니다.
기타 advertiser Kritische Sicherheitslücke Webbrowser operator 등 신규 키워드도 확인됩니다.

 * 최근 뉴스기사 Top3:
    ㆍ 2025/04/17 Exploiting SMS: Threat Actors Use Social Engineering to Target Companies
    ㆍ 2025/04/17 IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 18h : 7 posts
    ㆍ 2025/04/17 Advanced KQL Deep Dive: User State Change Tracking

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1Google 21 ▲ 11 (52%)
2Chrome 6 ▲ 5 (83%)
3Browser 5 ▲ 4 (80%)
4Android 4 ▲ 1 (25%)
5Advertising 4 ▲ 3 (75%)
6United States 4 ▲ 2 (50%)
7Malware 4 - 0 (0%)
8Update 3 - 0 (0%)
9Software 3 ▲ 1 (33%)
10ChatGPT 3 ▲ 3 (100%)
11target 3 ▲ 2 (67%)
12last 2 ▲ 2 (100%)
13Zusammenfassung 2 ▲ 2 (100%)
14von 2 ▲ 2 (100%)
15taegliche 2 ▲ 2 (100%)
16MFA 2 ▲ 2 (100%)
17advertiser 2 ▲ new
18RCE 2 ▲ 2 (100%)
19Threat 2 ▲ 1 (50%)
20Sicherheitsnews 2 ▲ 2 (100%)
21hijack 2 ▲ 2 (100%)
22Kritische 2 ▲ new
23AI 2 ▲ 1 (50%)
24Education 2 ▲ 2 (100%)
25intelligence 2 ▲ 1 (50%)
26Windows 2 ▲ 1 (50%)
27Sicherheitslücke 2 ▲ new
28Exploit 2 - 0 (0%)
29Webbrowser 1 ▲ new
30operator 1 ▲ new
31step 1 ▲ new
32user 1 ▲ new
33Googles 1 ▲ 1 (100%)
34abgedichtet 1 ▲ new
35Safari 1 ▲ new
36GeminiApp 1 ▲ new
37RATel 1 ▲ 1 (100%)
38mit 1 ▲ new
39Veo 1 ▲ new
40jetzt 1 ▲ new
41state 1 ▲ new
42Okta 1 ▲ new
43ApplePay 1 ▲ 1 (100%)
44dichtet 1 ▲ new
45Claude 1 ▲ new
46Assistant 1 ▲ new
47Integrate 1 ▲ new
48Talks 1 ▲ new
49Perplexity 1 ▲ new
50Akkuverbrauch 1 ▲ new
51unnötigen 1 ▲ new
52Gegen 1 ▲ new
53ihre 1 ▲ new
54können 1 ▲ new
55Workspace 1 ▲ 1 (100%)
56Anthropic 1 ▲ new
57sense 1 ▲ new
58Tick 1 ▲ 1 (100%)
59Figure 1 ▲ new
60legitimate 1 ▲ 1 (100%)
61Cofense 1 ▲ new
62attack 1 - 0 (0%)
63Email 1 - 0 (0%)
64WhatsApp 1 ▲ 1 (100%)
65Smishing 1 ▲ 1 (100%)
66Victim 1 - 0 (0%)
67IoC 1 ▲ 1 (100%)
68Phishing 1 - 0 (0%)
69Consumer 1 ▲ new
70Social Engineering 1 ▲ new
71Clipbanker 1 ▲ new
72Snapshot 1 ▲ new
73기업 1 ▲ new
74Action 1 ▲ new
75Class 1 ▲ new
76Faces 1 ▲ new
77UK 1 ▲ new
78United Kingdom 1 ▲ 1 (100%)
79fraud 1 ▲ new
80bad 1 ▲ new
81브리지 1 ▲ new
82클라우드 1 - 0 (0%)
83세미나 1 ▲ new
84Schwachstellen 1 - 0 (0%)
85search 1 ▲ new
86unifying 1 ▲ new
87httpstco 1 ▲ new
88payment 1 ▲ 1 (100%)
89Criminal 1 - 0 (0%)
90Hijacking 1 ▲ 1 (100%)
91amp 1 ▲ 1 (100%)
92tap 1 ▲ 1 (100%)
93convenient 1 ▲ 1 (100%)
94NFC 1 ▲ 1 (100%)
95googlepay 1 ▲ 1 (100%)
96Mehrere 1 - 0 (0%)
97Artikel 1 ▲ 1 (100%)
98UNC5221 1 ▲ new
99MWNEWS 1 ▲ 1 (100%)
100Password 1 ▲ 1 (100%)
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
RATel
1 (33.3%)
Clipbanker
1 (33.3%)
Ransomware
1 (33.3%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

Keyword Average Label
Tick
1 (100%)
Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
RCE
2 (18.2%)
hijack
2 (18.2%)
Exploit
2 (18.2%)
Smishing
1 (9.1%)
Phishing
1 (9.1%)
Country & Company
Country & Company

This is a country or company that is an issue.

Keyword Average Label
Google
21 (63.6%)
United States
4 (12.1%)
Okta
1 (3%)
UK
1 (3%)
United Kingdom
1 (3%)
Threat info
Last 5

SNS

(Total : 4)
  Total keyword

Google Advertising payment hijack Criminal Hijacking

No Title Date
1Kaspersky @kaspersky
That ‘convenient’ tap to pay? Cybercriminals love it too. ???? Hackers are hijacking NFC payments, turning #ApplePay & #GoogleWallet into digital pickpockets. Here’s how they do it—and how to stop them. ???? https://t.co/PcEvcBiatS #CyberSecurity #GooglePay #NFC https://t.co/Cz5CWMO0Ar		2025.04.16
2The Hacker News @TheHackersNews
???? Google blocked 5.1B bad ads and banned 39.2M advertiser accounts in 2024. AI flagged scams, deepfakes, and fraud at scale—700K accounts suspended for impersonating public figures alone. ???? 5.1B bad ads blocked ???? 9.1B restricted ???? 1.3B pages hit ???? 5M+ scam accounts https://t.co/lVWL		2025.04.16
3BleepingComputer @BleepinComputer
Google begins unifying search country domains to https://t.co/xySosAuqcj - @mayank_jee https://t.co/9KFgajPaMy https://t.co/9KFgajPaMy		2025.04.16
4BleepingComputer @BleepinComputer
Google blocked over 5 billion ads in 2024 amid rise in AI-powered scams - @LawrenceAbrams https://t.co/pu6Smrnj1z https://t.co/pu6Smrnj1z		2025.04.16

News

(Total : 17)
  Total keyword

Google Chrome Browser United States Malware Android ChatGPT Software target Update RCE MFA intelligence Exploit Windows Education Advertising Victim IoC Phishing Social Engineering Tick 세미나 Smishing hijack Attacker WhatsApp Okta Email attack Safari United Kingdom RATel Vulnerability ZeroDay Kaspersky Apple Ransomware China Campaign Government Ads Clipbanker UK Europe ...

No Title Date
1IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 - IT Sicherheitsnews2025.04.17
2Perplexity in Talks to Integrate Assistant Into Samsung, Motorola Phones - Bloomberg Technology2025.04.17
3Gegen unnötigen Akkuverbrauch: So können Android-Entwickler ihre Apps jetzt besser überwachen - IT Sicherheitsnews2025.04.17
4Anthropic vertieft Integration von Claude in Google Workspace - IT Sicherheitsnews2025.04.17
5IT Sicherheitsnews taegliche Zusammenfassung 2025-04-16 18h : 7 posts - IT Sicherheitsnews2025.04.17

Additional information

No Request Hash(md5) Report No Date
1 remcos_a.exe
Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Malicious Packer UPX Create Service Socket Escalate priviledges PWS Sniff Audio DNS Interne 		e3aecc3188eac24edb8e34f5044b3a6a589982025.04.14
2 pdf.ps1
Client SW User Data Stealer Backdoor RemcosRAT browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library .NET framework(MSIL) Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Inte 		642647cf863119977d7bd52e848e0cfe583952025.03.31
3 kent.ps1
Client SW User Data Stealer Backdoor RemcosRAT Formbook browser info stealer Hide_EXE Generic Malware Google Chrome User Data Downloader Malicious Library Confuser .NET Antivirus Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio DNS Co 		432719ce1459add67ebe4c01b47310f2580592025.03.13
4 nyoilsafkjawd.exe
Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Malicious Packer UPX Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio 		0bea38a3f664f5c8d72ab74db022aacd580452025.03.12
5 crossings.exe
Client SW User Data Stealer Backdoor RemcosRAT Browser Login Data Stealer browser info stealer Generic Malware Google Chrome User Data Downloader Malicious Library Malicious Packer UPX Create Service Socket ScreenShot Escalate priviledges PWS Sniff Audio 		db59bfef32bc15d53bdf499dd1ae62c4580442025.03.12
View only the last 5
Level Description
danger File has been identified by 66 AntiVirus engines on VirusTotal as malicious
danger The process wscript.exe wrote an executable file to disk which it then attempted to execute
danger Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
danger Executed a process and injected code into it
warning Disables Windows Security features
watch Communicates with host for which no DNS query was performed
watch Installs itself for autorun at Windows startup
watch One or more non-whitelisted processes were created
watch Potential code injection by writing to the memory of another process
watch Resumed a suspended thread in a remote process potentially indicative of process injection
watch Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice A process attempted to delay the analysis task.
notice A process created a hidden window
notice Checks whether any human activity is being performed by constantly checking whether the foreground window changed
notice Creates a suspicious process
notice Creates executable files on the filesystem
notice Drops a binary and executes it
notice Drops an executable to the user AppData folder
notice One or more potentially interesting buffers were extracted
notice Terminates another process
notice Uses Windows utilities for basic Windows functionality
notice Yara rule detected in process memory
info Checks amount of memory in system
info Checks if process is being debugged by a debugger
info Command line console output was observed
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
No data
No data
Beta Service, If you select keyword, you can check detailed information.