Print Print    Close Close

PC microphones helped steal hundreds of gigabytes of data from Ukraine firms

By Mark Coppock, Mark Coppock

Published February 21, 2017

Digital Trends
UkraineFlagCrop

File photo - A climber installs the Ukrainian national flag on a roof, marking the Day of the State Flag, on the eve of the Independence Day, in Kiev, Ukraine, Aug. 23, 2016. (REUTERS/Gleb Garanich)

Allegations of state-sponsored cyberattacks have been in the news lately, including alleged Russian hacks during the recent U.S. elections. These allegations are sometimes based on the code used to break into systems, and sometimes due to the sheer scale and sophistication of attacks that could only be brought by government agencies.

One such large-scale cyberattack, dubbed "Operation BugDrop," seems to have been perpetrated against targets in the Ukraine, as reported on its blog by security firm CyberX. The attack went after at least 70 victim organizations and stole huge amounts of sensitive information using a number of methods including one attack vector -- the PC microphone -- that is very difficult to guard against.

According to CyberX, Operation BugDrop, so named because the microphones of target PCs were "bugged," used compromised Microsoft Word documents to install malware capable of eavesdropping and capturing hundreds of gigabytes of data. The firm described Operation BugDrop a "well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources."

Chief among those resources appear to be a very large and sophisticated infrastructure enabling the attackers to decrypt and analyze massive amounts of data -- up to several gigabytes each day -- and then store it in a massive cache of data. As CyberX points out, it's not just a machine-driven attack because the stolen data requires many human analysts to comb through and make sense of it. While state involvement isn't guaranteed, it is likely.

More From Digital Trends

  • Possible Russian hacker network may be responsible for new MacOS malware
  • Shamoon returns with malware in hand to wipe hard drives, nuke virtual machines
  • South Korea accuses North Korea of hacking military, stealing classified data
  • FBI, DOJ eyeing Russian operatives in Clinton campaign cyberattack

Most of the targets were organizations located in the Ukraine, including companies involved in engineering and designing oil and gas distribution facilities, human rights organizations, newspaper editors, and more. A smaller number of organizations in Russia, Austria, and Saudi Arabia were also targeted. Stolen data appears to include audio recordings, screenshots, documents, and passwords.

Operation BugDrop serves to highlight the growing importance of well-organized and heavily financed cybercrime operations aimed at private and governmental organizations and capable of accumulating and analyzing massive amounts of proprietary information. CyberX concludes, not surprisingly, that organizations need to be diligent in monitoring their networks and applying more modern technologies to identify and respond to these increasingly sophisticated attacks.

Print Print    Close Close

URL

https://www.foxnews.com/tech/pc-microphones-helped-steal-hundreds-of-gigabytes-of-data-from-ukraine-firms

  • Home
  • Video
  • Politics
  • U.S.
  • Opinion
  • Entertainment
  • Tech
  • Science
  • Health
  • Travel
  • Lifestyle
  • World
  • Sports
  • Weather
  • Privacy
  • Terms

This material may not be published, broadcast, rewritten, or redistributed. © FOX News Network, LLC. All rights reserved. Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital Solutions. Legal Statement. Mutual Fund and ETF data provided by LSEG. Do Not Sell my Personal Information - New Terms of Use - FAQ