
PC microphones helped steal hundreds of gigabytes of data from Ukraine firms

Allegations of state-sponsored cyberattacks have been in the news lately, including alleged Russian hacks during the recent U.S. elections. These allegations are sometimes based on the code used to break into systems, and sometimes on the sheer scale and sophistication of attacks that only government agencies could mount.

One such large-scale cyberattack, dubbed “Operation BugDrop,” seems to have been perpetrated against targets in Ukraine, as reported on its blog by security firm CyberX. The attack went after at least 70 victim organizations and stole huge amounts of sensitive information using a number of methods including one attack vector — the PC microphone — that is very difficult to guard against.

According to CyberX, Operation BugDrop, so named because the microphones of target PCs were “bugged,” used compromised Microsoft Word documents to install malware capable of eavesdropping and capturing hundreds of gigabytes of data. The firm described Operation BugDrop as a “well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources.”

Chief among those resources appears to be a very large and sophisticated infrastructure enabling the attackers to decrypt and analyze massive amounts of data — up to several gigabytes each day — and then store it in a massive cache of data. As CyberX points out, it’s not just a machine-driven attack, because the stolen data requires many human analysts to comb through it and make sense of it. While state involvement isn’t guaranteed, it is likely.

Most of the targets were organizations located in Ukraine, including companies involved in engineering and designing oil and gas distribution facilities, human rights organizations, newspaper editors, and more. A smaller number of organizations in Russia, Austria, and Saudi Arabia were also targeted. Stolen data appears to include audio recordings, screenshots, documents, and passwords.

Operation BugDrop serves to highlight the growing importance of well-organized and heavily financed cybercrime operations aimed at private and governmental organizations and capable of accumulating and analyzing massive amounts of proprietary information. CyberX concludes, not surprisingly, that organizations need to be diligent in monitoring their networks and applying more modern technologies to identify and respond to these increasingly sophisticated attacks.

Mark Coppock