Researchers at Trend Micro have been analyzing two keyloggers, dubbed Predator Pain and Limitless, and they recently released a paper on their findings.
The remote access tools are “simple, off-the-shelf” offerings used to commit corporate email fraud on a scale that researchers called “significant,” according to a blog post.
The Commercial Crime Bureau of Hong Kong Police Force has said attackers perpetrating this kind of fraud using such tools raked in as much as $75 million in the city in the first half of 2014.
By comparison, that's equal to all losses attributed to Zbot up to now. The blog noted that the keyloggers “indiscriminately steal web credentials” and capture keystrokes and screens. Because the output is “human readable” the tools better lend themselves to a few compromised machines but don't scale well when a lot of infected machines are involved.
