Cyber Threat Trends

Summary: 2025/04/25 01:07

First reported date: 2011/01/20
Inquiry period : 2025/04/24 01:07 ~ 2025/04/25 01:07 (1 days), 4 search results

지난 7일 기간대비 -25% 낮은 트렌드를 보이고 있습니다.
지난 7일 기간대비 상승한 Top5 연관 키워드는 Malware Exploit Report ZeroDay Vulnerability 입니다.
악성코드 유형 DslogdRAT rurat RMS 도 새롭게 확인됩니다.
공격자 UNC5221 도 새롭게 확인됩니다.
공격기술 Webshell hacking 도 새롭게 확인됩니다.
기관 및 기업 Japan CISA Google SentinelOne NSA UN 도 새롭게 확인됩니다.
기타 shell time installation persistencia recent 등 신규 키워드도 확인됩니다.

Netwire is an advanced RAT — it is a malware that takes control of infected PCs and allows its operators to perform various actions. Unlike many RATs, this one can target every major operating system, including Windows, Linux, and MacOS.  Ref.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/24 DslogdRAT Malware Installed in Ivanti Connect Secure
    ㆍ 2025/04/24 Top intelligence lawmaker fears China may exploit DOGE’s changes to government

참고로 동일한 그룹의 악성코드 타입은 Remcos njRAT QuasarRAT 등 112개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	NetWireRC	4	▼ -1 (-25%)
2	Malware	3	▲ 1 (33%)
3	Exploit	3	▲ 3 (100%)
4	Report	2	▲ 1 (50%)
5	DslogdRAT	2	▲ new
6	ZeroDay	2	▲ 2 (100%)
7	Vulnerability	2	▲ 2 (100%)
8	attack	2	▲ 1 (50%)
9	Japan	2	▲ new
10	target	2	▲ 1 (50%)
11	RCE	2	▲ 2 (100%)
12	intelligence	2	▲ 2 (100%)
13	CISA	2	▲ new
14	Update	2	▲ 1 (50%)
15	China	2	▲ 1 (50%)
16	Campaign	2	▲ 1 (50%)
17	Webshell	1	▲ new
18	Operation	1	▲ 1 (100%)
19	Google	1	▲ new
20	Advertising	1	▲ 1 (100%)
21	c&c	1	▼ -1 (-100%)
22	Password	1	▲ 1 (100%)
23	UNC5221	1	▲ new
24	shell	1	▲ new
25	C2	1	▼ -1 (-100%)
26	time	1	▲ new
27	installation	1	▲ new
28	persistencia	1	▲ new
29	recent	1	▲ new
30	href	1	▲ new
31	United States	1	- 0 (0%)
32	Volt Typhoon	1	▲ 1 (100%)
33	MgBot	1	▲ 1 (100%)
34	SentinelOne	1	▲ new
35	hacking	1	▲ new
36	NSA	1	▲ new
37	Government	1	▲ 1 (100%)
38	NextgovFCW	1	▲ new
39	cybersec	1	▲ new
40	lta	1	▲ new
41	rurat	1	▲ new
42	es	1	▲ new
43	Además	1	▲ new
44	instalar	1	▲ new
45	desactivar	1	▲ new
46	UN	1	▲ new
47	RMS	1	▲ new
48	Proxy	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
NetWireRC		4 (44.4%)
DslogdRAT		2 (22.2%)
MgBot		1 (11.1%)
rurat		1 (11.1%)
RMS		1 (11.1%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
UNC5221		1 (50%)
Volt Typhoon		1 (50%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
Exploit		3 (33.3%)
RCE		2 (22.2%)
Campaign		2 (22.2%)
Webshell		1 (11.1%)
hacking		1 (11.1%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
Japan		2 (16.7%)
CISA		2 (16.7%)
China		2 (16.7%)
Google		1 (8.3%)
United States		1 (8.3%)

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 2)

Total keyword

NetWireRC rurat Japan attack Exploit Vulnerability ZeroDay Malware DslogdRAT Report RMS UN Attacker

No	Title	Date
1	Germán Fernández @1ZRR4H 2/ Además de instalar persistencia, desactivar AV's y eliminar arranque en modo seguro (entre otras cosas), también implementa: 1.- "fisherprice.msi" es #RuRAT (Remote Utilities) con conexión hacia el dominio ru.elquecreeenmiviviraporsiempre.xyz ???? 2.- "4.dll" es un binario en https://t.co/hgNLs9	2025.04.24
2	Cyber_OSINT @Cyber_O51NT A recent report highlights the installation of DslogdRAT malware in Ivanti Connect Secure, exploiting a zero-day vulnerability (CVE-2025-0282) and enabling attackers to execute commands via a web shell in attacks against Japanese organizations. #CyberSec… https://t.co/MbDUi3uGON	2025.04.24

News

(Total : 2)

Total keyword

NetWireRC intelligence Campaign China Malware Update Exploit target CISA RCE Advertising Google Webshell attack Password Operation Japan UNC5221 DslogdRAT C2 ZeroDay Attacker c&c Report Vulnerability Government NSA hacking SentinelOne MgBot Volt Typhoon United States

No	Title	Date
1	DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News	2025.04.24
2	Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News	2025.04.24

Additional information

No	Title	Date
1	Zoom attack tricks victims into allowing remote access to install malware and steal money - Malware.News	2025.04.25
2	Novel affiliate models unveiled by ransomware operations - Malware.News	2025.04.25
3	WorkComposer misconfiguration exposes over 21M screenshots - Malware.News	2025.04.25
4	Web3, cryptocurrency sectors targeted by North Korean hackers - Malware.News	2025.04.25
5	Web skimmer campaign targets Caritas Spain's donation sites - Malware.News	2025.04.25
View only the last 5

No	Title	Date
1	DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News	2025.04.24
2	DslogdRAT Malware Installed in Ivanti Connect Secure - Malware.News	2025.04.24
3	Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News	2025.04.24
4	Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News	2025.04.24
5	Top intelligence lawmaker fears China may exploit DOGE’s changes to government - Malware.News	2025.04.24
View only the last 5

No data

Beta Service, If you select keyword, you can check detailed information.