The common attack scenarios by cybercriminals using these toolkits involve sending out business-themed messages to publicly listed email addresses-methods that are very similar or related to what is known as a Business Email Compromise (BEC) scheme. Our researchers studied these keyloggers for only a few months, but have found a number of noteworthy features. These remote access tools (RATs) possess similar functions: standard keylogging behaviors with several data-exfiltration methods.
This Trend Micro research paper reveals the operations behind Predator Pain and Limitless keyloggers, both of which are easily obtainable from underground forums.
View research paper: Predator Pain and Limitless
