APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies

Published April 10, 2026


Many small and medium-sized businesses (SMBs) believe they are not interesting targets for advanced cyber threats such as APT groups.

Unfortunately, that is not the case.

A new report from Trend Micro reveals that the Russian threat actor APT28 (also known as Pawn Storm, Forest Blizzard, or Fancy Bear) has launched a spear-phishing campaign using a previously undocumented malware suite called PRISMEX.

PRISMEX is designed to steal sensitive information from infected systems. The malware employs advanced techniques such as steganography (hiding code in image files), COM hijacking, and abuse of legitimate cloud services to evade detection. The campaign has been active since at least September 2025 and primarily targets Ukraine’s defense industry, supply chains, and government organizations among NATO allies in Central and Eastern Europe.

For a business like yours, the consequences can be severe, even if you are not the primary target. Data theft, espionage, or operational disruption can lead to lost customers, reputational damage, leaked trade secrets, and high remediation and legal costs.

How to protect your business from PRISMEX and similar threats

  • Technical measures: Ensure you have up-to-date firewalls, antivirus with behavioral detection, and regular security patching. Implement multi-factor authentication (MFA) everywhere.
  • Human factor: Train all employees to recognize phishing emails. Run simulated attacks regularly and encourage reporting of suspicious messages.
  • Processes: Conduct security audits at least once a year and maintain a tested incident response plan.
  • Stay informed: Follow reliable sources such as CERT-SE, your national cybersecurity authority, and reports from Trend Micro, Microsoft, and others.
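
For whoever handles IT at your company, here is a concrete check for one of the techniques named above: COM hijacking commonly works by registering a COM class in the per-user registry hive (HKCU\Software\Classes\CLSID), which Windows consults before the machine-wide one. The Python script below is an added example, not code from the Trend Micro report or from any PRISMEX analysis; it reads `reg query` output and lists per-user entries worth a closer look, and the GUIDs, user name and DLL paths in the sample data are constructed.

```python
import re

# Constructed sample output of `reg query <hive>\Software\Classes\CLSID /s`.
# The GUIDs, user name and DLL paths are made up for this example.
HKCU_SAMPLE = r"""
HKEY_CURRENT_USER\Software\Classes\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32
    (Default)    REG_SZ    C:\Users\anna\AppData\Roaming\Media\cache.dll
    ThreadingModel    REG_SZ    Apartment

HKEY_CURRENT_USER\Software\Classes\CLSID\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}\InprocServer32
    (Default)    REG_SZ    C:\Program Files\Vendor\plugin.dll
"""
HKLM_SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32
    (Default)    REG_SZ    C:\Windows\System32\shell32.dll
"""

KEY_RE = re.compile(r"\\CLSID\\(\{[0-9A-Fa-f-]{36}\})\\InprocServer32$", re.I)
VALUE_RE = re.compile(r"^\s+\(Default\)\s+REG_(?:EXPAND_)?SZ\s+(.+)$")
# Heuristic list of locations a standard user can write to (an assumption).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\", "\\users\\public\\")

def parse_inproc_servers(reg_output):
    """Map CLSID -> DLL path from the (Default) value of each InprocServer32 key."""
    servers, current = {}, None
    for line in reg_output.splitlines():
        if line.startswith("HKEY_"):
            m = KEY_RE.search(line.strip())
            current = m.group(1).upper() if m else None
        elif current and (m := VALUE_RE.match(line)):
            servers[current] = m.group(1).strip().strip('"')
    return servers

def find_suspicious(hkcu_output, hklm_output):
    """Return (clsid, dll_path, reasons) for per-user entries worth reviewing."""
    hkcu, hklm = parse_inproc_servers(hkcu_output), parse_inproc_servers(hklm_output)
    findings = []
    for clsid, dll in sorted(hkcu.items()):
        reasons = []
        if clsid in hklm and hklm[clsid].lower() != dll.lower():
            reasons.append("overrides machine-wide registration " + hklm[clsid])
        if any(part in dll.lower() for part in USER_WRITABLE):
            reasons.append("DLL in user-writable directory")
        if reasons:
            findings.append((clsid, dll, reasons))
    return findings

if __name__ == "__main__":
    for clsid, dll, reasons in find_suspicious(HKCU_SAMPLE, HKLM_SAMPLE):
        print(clsid, dll, "; ".join(reasons))
```

Some legitimate applications also register per-user COM classes, so treat each hit as something to review, not as proof of infection.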

If you suspect that your business has already been targeted by PRISMEX or another advanced threat, contact a qualified cybersecurity expert or your IT security provider immediately. The sooner you act, the smaller the damage will be.

Take responsibility for your business today. Proactive cybersecurity is one of the smartest investments you can make to protect both your company and your customers.

