Thursday, July 21, 2016

Feedly:Fortinet Blog | News and Threat Research - All Posts. A Peek into BlackMoon’s Sustained Attacks against South Korea



from Fortinet Blog | News and Threat Research - All Posts

A few months ago, we talked about a malicious campaign that targets South Korean users in the form of malware known as BlackMoon. BlackMoon is a banking Trojan that installs a proxy auto-config file (PAC) on an infected system in order to redirect users’ browsers to phishing pages related to South Korean banks. Back then, we noticed an open directory in the C&C that revealed over 100,000 victims. Given this impact, we decided to dig further in order to understand better the scale of this attack. Mainly, we wanted to know if the statistics...
Web Analytics