Small and midsize businesses (SMBs) tend to assume that they are safe from cyberattacks because attackers are more interested in larger targets. That’s a mistake that a growing number of cybercriminals are clearly hoping to capitalize on.

New research from security vendor Trend Micro shows that malicious attackers are gaining access to inexpensive, off-the-shelf malware products that make it very easy for them to steal data from SMB networks and systems.

Two of the most popular tools currently available for this purchase are Predator Pain and Limitless, according to Trend Micro. Both are keyloggers that have been around in one form or another for several years. The remote-access Trojans allow attackers to record keystrokes, steal login credentials and user data, snoop on private chat conversations and secretly take screenshots of content being viewed by the user.

Both keyloggers are similar in function and are easily available online for as little as $40. Cloned versions of both products are even available for free, Trend Micro warned in its report.

Typically, attackers using these tools tend to send business-themed phishing emails to targeted employees at SMBs. The keyloggers are disguised as harmless-looking email attachments and are activated when someone clicks on an attachment. The emails and the attachments usually have official-looking subject headers and names to try to convince recipients to open them.

Once on a system, Predator Pain and Limitless use a variety of means, including email, file transfer protocol and Web panel to siphon data out of the victim’s computer and deliver it to the attacker.

In many cases, cybercriminals using the two keyloggers appear to be harvesting email addresses that are commonly found on websites belonging to SMBs. Trend Micro researchers discovered some attackers are using a freely available online tool known as Email Spider to crawl websites for email addresses that they can target.

SMB Security: Time to Ante Up

The appearance of such threats significantly ups the ante for SMBs that have labored for years under the belief that cybercriminals are only interested in targeting big companies.

“SMBs may not be involved in multimillion-dollar deals, but they do conduct transactions worth tens to hundreds of thousands of dollars,” Trend Micro said. Some employees may not know of the company’s best practices for security, making them vulnerable targets.

Trend Micro’s conclusions echo those expressed by several others in recent years. For example, Symantec’s Internet Security Threat Report for 2014 noted a 5 percent increase in targeted attacks against SMBs with between one and 500 employees last year. According to Symantec, about 41 percent of all targeted attacks in 2013 were directed at businesses in this category, as compared to 36 percent in 2013. Small businesses were most at risk for losing data and files from ransomware attacks such as those involving Cryptolocker, Symantec warned.

In another recently released survey by CloudEntr, a Gemalto company, a startling 89 percent of IT pros from SMBs reported having been affected in some way by recent security breaches. At the same time, nearly 60 percent of the 438 IT professionals surveyed said that recent breaches have had no actionable impact on their security policies. Only 32 percent of the professionals surveyed said their companies had plans to reevaluate or adjust planned security purchases for 2015, despite all the news coverage of breaches at major retailers in recent months.

More from

Most organizations want security vendor consolidation

4 min read - Cybersecurity is complicated, to say the least. Maintaining a strong security posture goes far beyond knowing about attack groups and their devious TTPs. Merely understanding, coordinating and unifying security tools can be challenging.We quickly passed through the “not if, but when” stage of cyberattacks. Now, it’s commonplace for companies to have experienced multiple breaches. Today, cybersecurity has taken a seat in core business strategy discussions as the risks and costs have risen dramatically.For this reason, 75% of organizations seek to…

How IBM secures the U.S. Open

2 min read - More than 15 million tennis fans around the world visited the US Open app and website this year, checking scores, poring over statistics and watching highlights from hundreds of matches over the two weeks of the tournament. To help develop this world-class digital experience, IBM Consulting worked closely with the USTA, developing powerful generative AI models that transform tennis data into insights and original content. Using IBM watsonx, a next-generation AI and data platform, the team built and managed the entire…

How the FBI Fights Back Against Worldwide Cyberattacks

5 min read - In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of a U.S. government operation called MEDUSA. The operation disrupted a global peer-to-peer network of computers compromised by malware called Snake. Attributed to a unit of the Russian government Security Service,…

How NIST Cybersecurity Framework 2.0 Tackles Risk Management

4 min read - The NIST Cybersecurity Framework 2.0 (CSF) is moving into its final stages before its 2024 implementation. After the public discussion period to inform decisions for the framework closed in May, it’s time to learn more about what to expect from the changes to the guidelines. The updated CSF is being aligned with the Biden Administration’s National Cybersecurity Strategy, according to Cherilyn Pascoe, senior technology policy advisor with NIST, at the 2023 RSA Conference. This sets up the new CSF to…