VERY IMPORTANT

BlackMoon Trojan is a banking trojan that is designed to phish user credentials from various South Korean banking institutions. It was discovered in early 2014 and was named after a debug string, “BlackMoon”, that was present in its code. While the BlackMoon malware code has been constantly updated by its perpetrators, the extent of the campaign's infection is previously unknown. This post intends to share the findings of the FortiGuard Lion Team on BlackMoon’s prevalence and its latest code updates.