Security experts are warning that malware writers in Russia are offering virus support as well as creation tools.
A Russian hacking group is offering a tool to imbed a unique Trojan in a Word document that can be used for spying or network manipulation.
If the virus is identified by the antivirus companies, the hacking group will replace it with a new one.
"It is new that a virus creator is offering a service contract," said Mark Sunner, chief security analyst at MessageLabs.
"To make it harder these are one-off viruses, so the chances of your IT staff finding them are very low. We see this activity hitting every size of company."
Sunner was speaking to vnunet.com at the release of a survey by IDC on managed security offerings. The results suggest that small businesses in the UK are not taking enough care over security.
Reliability and support were the top priorities for small businesses over security spending, yet most SMEs do not have the staff or resources to do this job internally.
"Everyone now has the big risks to manage," said Greg Day, senior security analyst at McAfee.
"A lot of companies do not have the time or expertise to do their own security effectively. Under these circumstances a managed offering may be the best option."
The survey also found that the two biggest problems for SMEs are keeping up to date with security solutions and managing new threats.