Hackers Target Small Businesses With Fake Software

(Image credit: wk1003mike / Shutterstock)

The Rising Threat of Spoofed Software

Security experts are sounding the alarm for small and medium-sized businesses (SMBs). A recent report from Kaspersky reveals a troubling trend: cybercriminals are increasingly disguising malware as trusted, everyday business tools. Popular applications like ChatGPT, Microsoft Office, and the Google Workspace suite are being spoofed by hackers to trick employees into compromising their company's IT infrastructure.

The primary weapons in these attacks are fake applications and Potentially Unwanted Applications (PUAs). Cybercriminals exploit the trust users have in these well-known brands to deliver malicious payloads, bypassing conventional security measures. This tactic is especially effective against smaller companies that may lack dedicated cybersecurity resources.

A Global Malware Problem

The report highlights that this is a widespread issue affecting businesses across Europe and Africa. The types of malware being deployed are particularly dangerous. In Europe, backdoors were used in nearly a quarter (24%) of all incidents, allowing attackers persistent remote access to infected systems. Trojans (17%) and downloaders (16%) were also common choices for cybercriminals.

The situation is even more severe in Africa, where backdoors accounted for over half (55%) of all recorded attacks on SMBs. Other significant threats included DangerousObjects (14%), which are highly suspicious files not yet classified, and Trojans (13%).

Geographically, certain countries are bearing the brunt of these attacks. Austria was the most targeted nation in Europe, accounting for 40% of detected cases involving PUAs disguised as trusted tools. Italy (25%), Germany (11%), Spain (10%), and Portugal (6%) followed. In Africa, Morocco was the hardest-hit country, with 41% of all detected PUAs targeting its SMBs, followed by Tunisia (24%) and Algeria (16%).

Why SMBs Are a Prime Target

Marc Rivero, Lead Security Researcher at Kaspersky, explained the predicament faced by smaller companies. "Small businesses face enterprise-level threats, often with startup-level budgets," he stated. "The key is knowing where to focus their limited resources for maximum protection. The best defense against sophisticated malware isn't the most expensive tool - it's understanding how attackers think and closing the doors they're looking for.”

Hackers are adept at capitalizing on popular trends. When ChatGPT first launched with only a web interface, criminals quickly created fake desktop and mobile apps. They used stolen social media business accounts to advertise these fraudulent applications, which were designed to distribute infostealers, backdoors, and other Trojans. To safeguard your business, consider looking into the best malware removal tools and fortifying your defenses with tools like the best password managers and the top authenticator apps.