Cyber Threat Trends

Summary: 2025/04/15 19:14

First reported date: 2008/06/10
Inquiry period : 2025/04/14 19:14 ~ 2025/04/15 19:14 (1 days), 17 search results

지난 7일 기간대비 -29% 낮은 트렌드를 보이고 있습니다.
지난 7일 기간대비 상승한 Top5 연관 키워드는 Malware DarkWeb RCE United Kingdom Russia 입니다.
악성코드 유형 MedusaLocker HyperSSL 도 새롭게 확인됩니다.
공격자 APT35 도 새롭게 확인됩니다.
기관 및 기업 Israel 도 새롭게 확인됩니다.
기타 Pawnee Unified Heights DaVita bit 등 신규 키워드도 확인됩니다.

* 최근 뉴스기사 Top3:
    ㆍ 2025/04/15 Aufschlüsselung von Ransomware-as-a-Service
    ㆍ 2025/04/14 14th April – Threat Intelligence Report
    ㆍ 2025/04/14 Nearly $23M lost in ransomware attack against IKEA operator

참고로 동일한 그룹의 악성코드 타입은 WannaCry Sodinokibi Phobos 등 78개 종이 확인됩니다.

Date range button:

First seen:

Last seen:

Keyword

Trend graph by period

Related keyword cloud

Top 100

#	Trend	Count	Comparison
1	Ransomware	17	▼ -5 (-29%)
2	Victim	7	▼ -3 (-43%)
3	Malware	5	▲ 1 (20%)
4	Alert	5	▼ -2 (-40%)
5	Report	4	- 0 (0%)
6	attack	4	▼ -1 (-25%)
7	DarkWeb	3	▲ 1 (33%)
8	United States	3	▼ -1 (-33%)
9	Vulnerability	2	- 0 (0%)
10	RCE	2	▲ 1 (50%)
11	Pawnee	2	▲ new
12	United Kingdom	2	▲ 1 (50%)
13	Russia	2	▲ 2 (100%)
14	Campaign	2	- 0 (0%)
15	Criminal	2	▲ 1 (50%)
16	hacking	2	▲ 1 (50%)
17	Windows	2	- 0 (0%)
18	Unified	2	▲ new
19	Exploit	2	▼ -1 (-50%)
20	Update	2	▼ -1 (-50%)
21	Heights	2	▲ new
22	MWNEWS	2	▲ 1 (50%)
23	group	2	- 0 (0%)
24	DaVita	2	▲ new
25	PLAY	2	▲ 2 (100%)
26	bit	1	▲ new
27	few	1	▲ new
28	Education	1	- 0 (0%)
29	light	1	▲ new
30	Nine	1	▲ new
31	Iran	1	▲ 1 (100%)
32	ESET	1	▲ 1 (100%)
33	Names	1	▲ 1 (100%)
34	District	1	▲ 1 (100%)
35	공격	1	▲ 1 (100%)
36	School	1	▲ new
37	교육	1	▲ new
38	EDR	1	▲ 1 (100%)
39	APT35	1	▲ new
40	due	1	▲ new
41	Phishing	1	- 0 (0%)
42	dark	1	▲ 1 (100%)
43	RaaS	1	▲ 1 (100%)
44	RansomwareasaService	1	▲ new
45	und	1	▲ new
46	Aufschlüsselung	1	▲ new
47	von	1	▲ new
48	ist	1	▲ new
49	DarkAtlas	1	▲ new
50	Squad	1	▲ new
51	Akira	1	- 0 (0%)
52	Ransomwares	1	▲ new
53	China	1	- 0 (0%)
54	North Korea	1	▲ 1 (100%)
55	DragonForce	1	- 0 (0%)
56	Israel	1	▲ new
57	Ex	1	▲ new
58	httpstconbnDrxxH	1	▲ new
59	NL	1	▲ new
60	Olson	1	▲ new
61	amp	1	- 0 (0%)
62	firm	1	▲ new
63	Dialysis	1	▲ new
64	Qilin	1	- 0 (0%)
65	archive	1	▲ new
66	detection	1	▲ new
67	theyre	1	▲ new
68	Advertising	1	- 0 (0%)
69	Operation	1	▼ -1 (-100%)
70	IKEA	1	▲ 1 (100%)
71	operator	1	▲ new
72	April	1	- 0 (0%)
73	Hits	1	▲ new
74	ZeroDay	1	▼ -1 (-100%)
75	Check Point	1	▲ 1 (100%)
76	WhatsApp	1	▲ new
77	Twitter	1	▲ 1 (100%)
78	Linux	1	▲ new
79	Deface	1	- 0 (0%)
80	MedusaLocker	1	▲ new
81	HyperSSL	1	▲ new
82	Microsoft	1	▼ -1 (-100%)
83	Kidney	1	▲ new
84	Ucraina	1	▲ 1 (100%)
85	Android	1	▲ 1 (100%)
86	Kaspersky	1	- 0 (0%)
87	Clop	1	- 0 (0%)
88	ToddyCat	1	▲ new
89	Care	1	▲ new
90	기관	1	▲ new

Special keyword group

Top 5

Malware Type

This is the type of malware that is becoming an issue.

Keyword	Average	Label
Ransomware		17 (81%)
Akira		1 (4.8%)
MedusaLocker		1 (4.8%)
HyperSSL		1 (4.8%)
Clop		1 (4.8%)

Attacker & Actors

The status of the attacker or attack group being issued.

Keyword	Average	Label
APT35		1 (100%)

Technique

This is an attack technique that is becoming an issue.

Keyword	Average	Label
RCE		2 (20%)
Campaign		2 (20%)
hacking		2 (20%)
Exploit		2 (20%)
Phishing		1 (10%)

Country & Company

This is a country or company that is an issue.

Keyword	Average	Label
United States		3 (18.8%)
United Kingdom		2 (12.5%)
Russia		2 (12.5%)
Iran		1 (6.3%)
ESET		1 (6.3%)

Malware Family

Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info

Last 5

SNS

(Total : 11)

Total keyword

Ransomware Victim DarkWeb Exploit attack United States RCE Akira Windows Update Attacker Criminal Advertising Malware Report

No	Title	Date
1	FalconFeeds.io @FalconFeedsio ???? Ransomware Alert: Pawnee Heights Unified School District 496(https://t.co/BSMCJWt9SR), a public school district dedicated to providing a safe and supportive learning environment that equips students with academic, technical, social, and lifelong skills for success as https://t.co/AYPZuOgxdK	2025.04.15
2	FalconFeeds.io @FalconFeedsio ???? DragonForce Ransomware Alert ???? DragonForce Ransomware has added 3 new victims to their dark web portal. - Pratt Homes ???????? - PryorMorrow ???????? - KraftKisarna AB ???????? https://t.co/RKgL4T4B0D	2025.04.15
3	Cyber_OSINT @Cyber_O51NT The DarkAtlas Squad reports on the Akira Ransomware's rise, detailing its exploits, known tools, behaviors on Windows, and methods for initial access and data exfiltration. #Ransomware #Cybersecurity https://t.co/vPxXHyqFLY	2025.04.15
4	Kaspersky @kaspersky Attackers often hide malware in archive files to evade detection and deliver payloads like ransomware. Since these files are widely trusted, they’re a common attack vector. Here’s how cybercriminals exploit archives - and how to secure your systems against them ???? https://t.co/SydkDfp8XA	2025.04.14
5	FalconFeeds.io @FalconFeedsio ???? PLAY Ransomware Alert ???? PLAY Ransomware group has added 9 new victims to their darkweb portal. * Waller Corporation ???????? * MBL Architecture ???????? * Cortez Resources, LLC???????? * Comport Consulting ???????? * Merri Makers Catering ???????? * O'Brien & Ryan, LLP???????? * Voigt-	2025.04.14

News

(Total : 6)

Total keyword

Ransomware Malware Report attack hacking United Kingdom United States Vulnerability Campaign Russia Update ZeroDay RaaS APT35 Twitter Phishing North Korea China Iran EDR Criminal Education ESET 교육 WhatsApp Check Point Windows ToddyCat RCE Operation Clop Linux Kaspersky Android Ucraina Victim Attacker Microsoft Israel HyperSSL MedusaLocker Deface

No	Title	Date
1	전 세계 교육기관 '사이버 공격 쓰나미'… 중국·이란 연계 'APT 그룹' 표적 - 시큐리티팩트	2025.04.15
2	Aufschlüsselung von Ransomware-as-a-Service - Malware.News	2025.04.15
3	14th April – Threat Intelligence Report - Malware.News	2025.04.14
4	Ransomware Hits DaVita, Kidney Care Provider Serving Hospitals - Bloomberg Technology	2025.04.14
5	Nearly $23M lost in ransomware attack against IKEA operator - Malware.News	2025.04.14

Additional information

No	Title	Date
1	Closing the Gap: How to Build a Consistent Exposure and Vulnerability Management Workflow - Malware.News	2025.04.15
2	Colleges and Schools Now Top Targets for Online Threat Actors - Malware.News	2025.04.15
3	Trump Revenge Tour Targets Cyber Leaders, Elections - Malware.News	2025.04.15
4	GenAI vulnerabilities fixed only 21% of the time after pentesting - Malware.News	2025.04.15
5	Meta slurps up EU user data for AI training - Malware.News	2025.04.15
View only the last 5

No	Title	Date
1	전 세계 교육기관 '사이버 공격 쓰나미'… 중국·이란 연계 'APT 그룹' 표적 - 시큐리티팩트	2025.04.15
2	14th April – Threat Intelligence Report - Malware.News	2025.04.14
3	14th April – Threat Intelligence Report - Malware.News	2025.04.14
4	14th April – Threat Intelligence Report - Malware.News	2025.04.14
5	A week in security (April 7 – April 13) - Malware.News	2025.04.14
View only the last 5

No	Request	Hash(md5)	Report No	Date
1	hello.exe Ransomware Malicious Library .NET EXE PE32 PE File	69d1c11ae24884ea55ab39787853ad0c	55331	2024.11.13

Level	Description
danger	File has been identified by 58 AntiVirus engines on VirusTotal as malicious
notice	Allocates read-write-execute memory (usually to unpack itself)
info	Checks amount of memory in system
info	Checks if process is being debugged by a debugger
info	Collects information to fingerprint the system (MachineGuid
info	The executable contains unknown PE section names indicative of a packer (could be a false positive)

No data

No	URL	CC	ASN Co	Reporter	Date
1	https://hilarious-trifle-d9182e.netlify.app/lootsubmit.ps1 fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
2	https://hilarious-trifle-d9182e.netlify.app/cwiper.exe fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
3	https://hilarious-trifle-d9182e.netlify.app/Pay fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
4	https://hilarious-trifle-d9182e.netlify.app/stage1.ps1 fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
5	https://hilarious-trifle-d9182e.netlify.app/Pay%20Adjustment.zip fog Ransomware	SG	AMAZON-02	JAMESWT_WT	2025.04.04
View only the last 5

Beta Service, If you select keyword, you can check detailed information.